AOSA-2016-0018: update GD Graphics Library to 2.2.3-1
October 18, 2016
Please update your libgd
package to version 2.2.3-1
.
A recent commit found in GD Graphics Library's Git master
branch fixed a security vulnerability, described as follows:
Avoid potentially dangerous signed to unsigned conversion
We make sure to never pass a negative `rlen` as size to memcpy().
Which is assigned with the following CVE:
CVE-2016-8670 (reserved but not issued).
Relevant documentation: