Test Kennung:	1.3.6.1.4.1.25623.1.1.13.2020.083.01
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2020-083-01)
Zusammenfassung:	The remote host is missing an update for the 'gd' package(s) announced via the SSA:2020-083-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gd' package(s) announced via the SSA:2020-083-01 advisory. Vulnerability Insight: New gd packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/gd-2.3.0-i586-1_slack14.2.txz: Upgraded. This update fixes bugs and security issues: Potential double-free in gdImage*Ptr(). gdImageColorMatch() out of bounds write on heap. Uninitialized read in gdImageCreateFromXbm(). Double-free in gdImageBmp. Potential NULL pointer dereference in gdImageClone(). Potential infinite loop in gdImageCreateFromGifCtx(). For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'gd' package(s) on Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1000222 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/ https://security.gentoo.org/glsa/201903-18 https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html https://usn.ubuntu.com/3755-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-14553 https://bugzilla.redhat.com/show_bug.cgi?id=1599032 https://github.com/libgd/libgd/commit/a93eac0e843148dc2d631c3ba80af17e9c8c860f https://github.com/libgd/libgd/pull/580 https://lists.debian.org/debian-lts-announce/2020/02/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00003.html SuSE Security Announcement: openSUSE-SU-2020:0332 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html https://usn.ubuntu.com/4316-1/ https://usn.ubuntu.com/4316-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5711 https://www.oracle.com/security-alerts/cpuapr2020.html https://lists.debian.org/debian-lts-announce/2018/01/msg00022.html RedHat Security Advisories: RHSA-2018:1296 https://access.redhat.com/errata/RHSA-2018:1296 RedHat Security Advisories: RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:2519 Common Vulnerability Exposure (CVE) ID: CVE-2019-11038 Bugtraq: 20190923 [SECURITY] [DSA 4529-1] php7.0 security update (Google Search) https://seclists.org/bugtraq/2019/Sep/38 Debian Security Information: DSA-4529 (Google Search) https://www.debian.org/security/2019/dsa-4529 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/ https://bugzilla.redhat.com/show_bug.cgi?id=1724432 https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html RedHat Security Advisories: RHSA-2019:3299 https://access.redhat.com/errata/RHSA-2019:3299 Common Vulnerability Exposure (CVE) ID: CVE-2019-6977 BugTraq ID: 106731 http://www.securityfocus.com/bid/106731 Debian Security Information: DSA-4384 (Google Search) https://www.debian.org/security/2019/dsa-4384 https://www.exploit-db.com/exploits/46677/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/ http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php https://bugs.php.net/bug.php?id=77270 SuSE Security Announcement: openSUSE-SU-2019:1140 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html SuSE Security Announcement: openSUSE-SU-2019:1148 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html https://usn.ubuntu.com/3900-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-6978 https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0 https://github.com/libgd/libgd/issues/492 https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae RedHat Security Advisories: RHSA-2019:2722 https://access.redhat.com/errata/RHSA-2019:2722
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.