-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3587-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso May 27, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libgd2 CVE ID : CVE-2013-7456 CVE-2015-8874 CVE-2015-8877 Debian Bug : 824627 Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library. For the stable distribution (jessie), these problems have been fixed in version 2.1.0-5+deb8u3. For the unstable distribution (sid), these problems have been fixed in version 2.2.1-1 or earlier. We recommend that you upgrade your libgd2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJXSF48AAoJEAVMuPMTQ89ElJIP/jlPZQMIVimV5FNAtvxm2Fm6 yqxSRiSsBL3Huh079QvWXvGGAaTNp3XVnwO89pQBF0Hekk7APltwITmR8W+dubsh wWMiI28H2zUAvKCIuy2wYXdvweeWGrcNs5ZTVJ6mraCHGvvpYBw3nDiVhx4vFMbP 32luiUs2ddRowNdo2e11h3siclsYNWnPa2ICL0D7BWCPcZdj+S7eQzG8TwlkSJXH 9aTymdWN+xPuUa3EICUWt3MHi0GyLmESZovOtkjuOvCGU1fqN2XasyGH0jSjYXRa UgdGNgrLxkGsqTKh1geseFS1vEf2CfRPTX7WMyVAGqsoq4Og17qpNdT0EUJynI8/ EN4F65IHyHHY7OfCEN5Tm1yKGd8Yx/aNN0139+UQ7k9SinJAfU3s0RVn+zIJ8IWc NUQTE18NBvKVy/iwqH4U4RCKHTBu2Q+frtw+Yqir6G01d4h7dk5UIvOyk9vYhYRk vSgM4o5eCN87X+w6UYjE3QaImLwVwthkCxzwmPWfBYQaqrNXE4eRO7DPgXlQwOvZ GF8qZY6SOZx9VsvkFYCj/mUulcAWgw8M/J0U0jfuCCzNgNR2gU/UWWQ7zAuuE2WN MCNMYLnWDoDTMLfrNQhdXxZRxU6+g3Yqicv2JCgDkWx53Fqts/ClRV4rgQlf292C nlZYcxvgp7aUOcy1Npiw =H9GB -----END PGP SIGNATURE-----