<= Back

AOSA-2016-0018: update GD Graphics Library to 2.2.3-1

Please update your libgd package to version 2.2.3-1.

A recent commit found in GD Graphics Library's Git master branch fixed a security vulnerability, described as follows:

Avoid potentially dangerous signed to unsigned conversion

We make sure to never pass a negative `rlen` as size to memcpy().

Which is assigned with the following CVE:

CVE-2016-8670 (reserved but not issued).

Relevant documentation: