Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.
Created php tracking bugs for this issue:
Affects: fedora-all [bug 1418991]
Created libwmf tracking bugs for this issue:
Affects: fedora-all [bug 1418992]
Will the fix for Fedora port to Red Hat soon?
Redirecting flag to correct reporter.
(In reply to Carl Song from comment #3)
> Will the fix for Fedora port to Red Hat soon?
Please contact Red Hat support staff for questions regarding updates for Red Hat products.
This issue does not affect the version of php or libgd shipped with any versions of Red Hat Enterprise Linux since the affected code is not shipped with these packages.
In the version of php shipped with Red Hat Enterprise Linux 7, the code exists in the source code but is not compiled because php is not compiled with libvpx.