Security update for gd
This update for gd fixes the following issues:
* CVE-2016-6214: Buffer over-read issue when parsing crafted TGA file [bsc#991436]
* CVE-2016-6132: read out-of-bands was found in the parsing of TGA files using libgd [bsc#987577]
* CVE-2016-6128: Invalid color index not properly handled [bsc#991710]
* CVE-2016-6207: Integer overflow error within _gdContributionsAlloc() [bsc#991622]
* CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032]
* CVE-2016-5116: avoid stack overflow (read) with large names [bsc#982176]
* CVE-2016-6905: Out-of-bounds read in function read_image_tga in gd_tga.c [bsc#995034]
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#991436
VUL-0: CVE-2016-6214: gd: Buffer over-read issue when parsing crafted TGA file
bnc#991622
VUL-0: CVE-2016-6207: gd: Integer overflow error within _gdContributionsAlloc()
bnc#988032
VUL-1: CVE-2016-6161: php: global out of bounds read when encoding gif from malformed input withgd2togif
bnc#987577
VUL-1: CVE-2016-6132: gd: read out-of-bands was found in the parsing of TGA files using libgd
bnc#991710
VUL-1: CVE-2016-6128: gd: Invalid color index not properly handled
bnc#982176
VUL-0: CVE-2016-5116: gd: avoid stack overflow (read) with large names
bnc#995034
VUL-0: CVE-2016-6905: gd: Out-of-bounds read in function read_image_tga in gd_tga.c
