Overview

File _patchinfo of Package patchinfo.10570

<patchinfo incident="10570">
  <issue tracker="bnc" id="1123361">VUL-0: CVE-2019-6977: gd: A heap based buffer overflow is discovered in GD Graphics library</issue>
  <issue tracker="bnc" id="1123522">VUL-1: CVE-2019-6978: gd: The GD Graphics Library 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c.</issue>
  <issue tracker="cve" id="2019-6978"/>
  <issue tracker="cve" id="2019-6977"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for gd fixes the following issues:

Security issues fixed:

- CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function (bsc#1123361).
- CVE-2019-6978: Fixed a double free in the gdImage*Ptr() functions (bsc#1123522).
</description>
  <summary>Security update for gd</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places