USN-3117-1: GD library vulnerabilities
USN-3117-1: GD library vulnerabilities Ubuntu Security Notice USN-3117-1 1st November, 2016 libgd2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary The GD library could be made to crash or run programs if it processed a specially crafted image file. Software description libgd2 – GD Graphics Library Details Ibrahim El-Sayed discovered that the GD library incorrectly handled certainmalformed Tiff images. If a user or automated system were tricked intoprocessing a specially crafted Tiff image, an attacker could cause a denialof service. (CVE-2016-6911) Ke Liu discovered that the GD library incorrectly handled certain integerswhen processing WebP images. If a user or automated system were trickedinto processing a specially crafted WebP image, an attacker could cause adenial of service, or possibly execute arbitrary code. This issue onlyapplied [ more… ]