Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2019-1250)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.2.2019.1250

Categoría: Huawei EulerOS Local Security Checks

Título: Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2019-1250)

Resumen: The remote host is missing an update for the Huawei EulerOS 'gd' package(s) announced via the EulerOS-SA-2019-1250 advisory.

Descripción: Summary:
The remote host is missing an update for the Huawei EulerOS 'gd' package(s) announced via the EulerOS-SA-2019-1250 advisory.

Vulnerability Insight:
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.(CVE-2019-6978)

Affected Software/OS:
'gd' package(s) on Huawei EulerOS Virtualization 2.5.4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-6978
Debian Security Information: DSA-4384 (Google Search)
https://www.debian.org/security/2019/dsa-4384
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/
https://security.gentoo.org/glsa/201903-18
https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0
https://github.com/libgd/libgd/issues/492
https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae
https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html
RedHat Security Advisories: RHSA-2019:2722
https://access.redhat.com/errata/RHSA-2019:2722
SuSE Security Announcement: openSUSE-SU-2019:1140 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html
SuSE Security Announcement: openSUSE-SU-2019:1148 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html
https://usn.ubuntu.com/3900-1/

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2019.1250
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2019-1250)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'gd' package(s) announced via the EulerOS-SA-2019-1250 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'gd' package(s) announced via the EulerOS-SA-2019-1250 advisory. Vulnerability Insight: The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.(CVE-2019-6978) Affected Software/OS: 'gd' package(s) on Huawei EulerOS Virtualization 2.5.4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-6978 Debian Security Information: DSA-4384 (Google Search) https://www.debian.org/security/2019/dsa-4384 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/ https://security.gentoo.org/glsa/201903-18 https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0 https://github.com/libgd/libgd/issues/492 https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html RedHat Security Advisories: RHSA-2019:2722 https://access.redhat.com/errata/RHSA-2019:2722 SuSE Security Announcement: openSUSE-SU-2019:1140 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html SuSE Security Announcement: openSUSE-SU-2019:1148 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html https://usn.ubuntu.com/3900-1/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH