175414 – CVE-2004-0941 additional overflows in gd

Bug 175414 - CVE-2004-0941 additional overflows in gd

Summary: CVE-2004-0941 additional overflows in gd

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	gd
Sub Component:
Version:	4
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Adam Tkac
QA Contact:
Docs Contact:
URL:
Whiteboard:	public=20041110,impact=moderate
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-12-09 22:06 UTC by Josh Bressers
Modified:	2013-04-30 23:33 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-10-31 14:00:21 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
gd-2.0.33-CVE-2004-0941.patch (2.06 KB, patch) 2006-01-23 08:48 UTC, Jitka Kozana	no flags	Details \| Diff
View All

Description Josh Bressers 2005-12-09 22:06:18 UTC

+++ This bug was initially created as a clone of Bug #175413 +++

Whilst creating a patch for CVE-2004-0990, Phil Knirsch discovered
addiitonal buffer overflow in the gd package.  These new overflows
affect calls to gdMalloc.

-- Additional comment from mjc on 2004-11-11 05:47 EST --
Created an attachment (id=106484)
Patch for CVE-2004-0990 and CVE-2004-0941


Please note that CVE-2004-0990 does not affect FC4

Comment 1 Jitka Kozana 2006-01-23 08:48:07 UTC

Created attachment 123564 [details]
gd-2.0.33-CVE-2004-0941.patch

I have forward-ported the patch from #138808 to 2.0.33, but it looks different 

from the patch in development.	
 
Please, could you review? See attachment.

Note You need to log in before you can comment on or make changes to this bug.