Bug 242033 (CVE-2007-2756)
| Summary: | CVE-2007-2756 gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG |
|---|---|
| Product: | [Other] Security Response |
| Component: | vulnerability |
| Reporter: | Joe Orton <jorton> |
| Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA |
| Severity: | low |
| Priority: | low |
| Version: | unspecified |
| CC: | kreilly, varekova |
| Keywords: | Reopened, Security |
| Hardware: | All |
| OS: | Linux |
| Doc Type: | Bug Fix |
| Last Closed: | 2015-02-17 15:13:48 UTC |
| Bug Depends On: | 278361, 278381, 278391, 278401, 278411, 278421, 432784, 432786, 432787, 833899 |
Description
Joe Orton
2007-06-01 12:36:29 UTC
References:
http://bugs.libgd.org/?do=details&task_id=86
http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_png.c?r1=1.4.2.7&r2=1.4.2.7.4.1&diff_format=u

This issue was addressed in:

Red Hat Application Stack:
http://rhn.redhat.com/errata/RHSA-2007-0891.html

Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-0890.html
http://rhn.redhat.com/errata/RHSA-2007-0889.html

Fedora: updated to fixed upstream version

Comment #7 describes Errata where this issue was fixed in gd library embedded in php source code. This issue also affects gd packages as shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5.

Similar commit as mentioned in comment #4, but in libgd CVS repository:
http://cvs.php.net/viewcvs.cgi/gd/libgd/src/gd_png.c?r1=1.22&r2=1.23

Updated gd packages addressing this issue were released for Red Hat Enterprise Linux 4 and 5:
https://rhn.redhat.com/errata/RHSA-2008-0146.html

Statement:

Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates for libwmf in Red Hat Enterprise Linux 5 and 6. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.