Red Hat Bugzilla – Bug 177907
CVE-2004-0941 additional overflows in gd [FC5test2]
Last modified: 2007-11-30 17:11:21 EST
+++ This bug was initially created as a clone of Bug #175414 +++
Whilst creating a patch for CVE-2004-0990, Phil Knirsch discovered
addiitonal buffer overflow in the gd package. These new overflows
affect calls to gdMalloc.
See attachment which gives complete patch for both CVE-2004-0990 and
CVE-2004-0941, note that the CVE-2004-0990 parts are fixed in FC5test2, but the
the gdxpm.c fixes are missing.