137252 – CAN-2004-0990 integer overflow in internal GD image library

Bug 137252 - CAN-2004-0990 integer overflow in internal GD image library

Summary: CAN-2004-0990 integer overflow in internal GD image library

Keywords:
Status:	CLOSED WORKSFORME
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	php
Sub Component:
Version:	2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Joe Orton
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:	public=20041026,impact=moderate
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-10-26 22:41 UTC by Josh Bressers
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2004-11-05 17:08:27 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Josh Bressers 2004-10-26 22:41:07 UTC

Bug 137249 describes an integer overflow in the GD image library.  PHP
can either use its internal GD, or the system GD library.  In RHEL3,
we use the internal GD library.

We should use the system GD library rather than the internal PHP library.

This will probably also affect FC3.

Comment 1 Joe Orton 2004-11-05 17:08:27 UTC

Per bug 137249, the libgd embeded in PHP is modified to be safe
against this kind of issue.

Note You need to log in before you can comment on or make changes to this bug.