It was found that dynamicGetbuf() doesn't check for out-of-bounds reads and returns the wrong return code.
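The kind of check the report says is missing, as an added example that is not libgd's code and not the attached patch: a read from an in-memory buffer that validates the offset and length before copying. The `mem_ctx` type, the function names, and the convention of returning 0 when nothing can be read are assumptions made for this sketch.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical in-memory read context; names are assumptions, not libgd's. */
typedef struct {
    const unsigned char *data; /* backing buffer */
    int size;                  /* number of valid bytes in data */
    int pos;                   /* read offset; a seek may leave it past the end */
} mem_ctx;

/* Copy up to len bytes into buf. Returns the number of bytes copied, or 0
 * when nothing can be read (assumed convention: 0 for both EOF and error,
 * never a negative count the caller might reuse as a length). */
int mem_getbuf(mem_ctx *c, void *buf, int len)
{
    int remain;

    if (c == NULL || c->data == NULL || buf == NULL || len <= 0)
        return 0;
    if (c->size < 0 || c->pos < 0 || c->pos >= c->size)
        return 0;              /* offset outside the valid region */

    remain = c->size - c->pos; /* > 0 and cannot overflow after the checks */
    if (len > remain)
        len = remain;          /* short read at the end of the data */

    memcpy(buf, c->data + c->pos, (size_t)len);
    c->pos += len;
    return len;
}

/* Constructed sample: 8 valid bytes, read in three situations. */
int demo_reads(int out[3])
{
    static const unsigned char src[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    unsigned char dst[16];
    mem_ctx c = { src, 8, 0 };

    out[0] = mem_getbuf(&c, dst, 5); /* full read */
    out[1] = mem_getbuf(&c, dst, 5); /* short read of the last 3 bytes */
    c.pos = 100;                     /* offset moved past the end */
    out[2] = mem_getbuf(&c, dst, 5); /* rejected, nothing copied */
    return c.pos;                    /* unchanged by the rejected read */
}

int main(void)
{
    int out[3];
    int pos = demo_reads(out);
    printf("%d %d %d pos=%d\n", out[0], out[1], out[2], pos);
    return 0;
}
```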
Created gd tracking bugs for this issue: Affects: fedora-all [bug 1388788]
Created php tracking bugs for this issue: Affects: fedora-all [bug 1388790]
Created attachment 1214203: CVE-2016-6911 patch
Why is the patch not published upstream? Who created the fix, please?
(In reply to Marek Skalický from comment #4)
> Why is the patch not published upstream?
> Who created the fix, please?

I took it from https://bugzilla.suse.com/show_bug.cgi?id=1005274#c0
Pull request to upstream https://github.com/libgd/libgd/pull/353