175413 – (CVE-2004-0941) CVE-2004-0941 gd: additional overflows

Bug 175413 (CVE-2004-0941) - CVE-2004-0941 gd: additional overflows

Summary: CVE-2004-0941 gd: additional overflows

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2004-0941
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-12-09 22:04 UTC by Josh Bressers
Modified:	2021-11-12 19:20 UTC (History)
CC List:	2 users (show)
Fixed In Version:	RHSA-2006-0194
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-02-01 18:00:43 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2006:0194	0	normal	SHIPPED_LIVE	Moderate: gd security update	2006-02-01 05:00:00 UTC

Description Josh Bressers 2005-12-09 22:04:51 UTC

+++ This bug was initially created as a clone of Bug #138808 +++

Whilst creating a patch for CVE-2004-0990, Phil Knirsch discovered
addiitonal buffer overflow in the gd package.  These new overflows
affect calls to gdMalloc.

-- Additional comment from mjc on 2004-11-11 05:47 EST --
Created an attachment (id=106484)
Patch for CVE-2004-0990 and CVE-2004-0941


Please note that CVE-2004-0990 does not affect RHEL4

Comment 7 Red Hat Bugzilla 2006-02-01 18:00:43 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0194.html

Note You need to log in before you can comment on or make changes to this bug.