+++ This bug was initially created as a clone of Bug #175413 +++ Whilst creating a patch for CVE-2004-0990, Phil Knirsch discovered addiitonal buffer overflow in the gd package. These new overflows affect calls to gdMalloc. -- Additional comment from mjc on 2004-11-11 05:47 EST -- Created an attachment (id=106484) Patch for CVE-2004-0990 and CVE-2004-0941 Please note that CVE-2004-0990 does not affect FC4
Created attachment 123564 [details] gd-2.0.33-CVE-2004-0941.patch I have forward-ported the patch from #138808 to 2.0.33, but it looks different from the patch in development. Please, could you review? See attachment.