Bug 137252 - CAN-2004-0990 integer overflow in internal GD image library
Summary: CAN-2004-0990 integer overflow in internal GD image library
Status: CLOSED WORKSFORME
Alias: None
Product: Fedora
Classification: Fedora
Component: php (Show other bugs)
(Show other bugs)
Version: 2
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Joe Orton
QA Contact: David Lawrence
URL:
Whiteboard: public=20041026,impact=moderate
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-10-26 22:41 UTC by Josh Bressers
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-11-05 17:08:27 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Josh Bressers 2004-10-26 22:41:07 UTC
Bug 137249 describes an integer overflow in the GD image library.  PHP
can either use its internal GD, or the system GD library.  In RHEL3,
we use the internal GD library.

We should use the system GD library rather than the internal PHP library.

This will probably also affect FC3.

Comment 1 Joe Orton 2004-11-05 17:08:27 UTC
Per bug 137249, the libgd embeded in PHP is modified to be safe
against this kind of issue.


Note You need to log in before you can comment on or make changes to this bug.