HP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.
74f9f0b80ca8d59cd41c5d09975ba20cb91f186b15a715a72840744163cf4c42
Gentoo Linux Security Advisory 201612-9 - Multiple vulnerabilities have been found in GD, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.2.3 are affected.
ffca006ac4ed95b5c403e05ca84f0447ce1e0afa104b4c0e8ddb6e3a031ccddc
Ubuntu Security Notice 3060-1 - It was discovered that the GD library incorrectly handled certain malformed TGA images. If a user or automated system were tricked into processing a specially crafted TGA image, an attacker could cause a denial of service. It was discovered that the GD library incorrectly handled memory when using gdImageScale. A remote attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
4ff0941884cc315075d0925f1efa11b66caecf01e8c16df9d940e0a0cdf582ce
Secunia Research has discovered a vulnerability in LibGD, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an integer overflow error within the "_gdContributionsAlloc()" function (gd_interpolation.c) and can be exploited to cause an out-of-bounds memory write access or exhaust available memory. Version 2.2.2 is affected.
92998209c35159f509bfca3cc0a070d94e80e86cc3547b28a2fad9d5f643df14
Debian Linux Security Advisory 3630-1 - Secunia Research at Flexera Software discovered an integer overflow vulnerability within the _gdContributionsAlloc() function in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of this flaw to cause a denial-of-service against an application using the libgd2 library.
5da39cc7be7960124d3a3a0b67e4b82259ece63499cc06e95475cdcfd7a14059
Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
06b270db60bab1c5042a20d49f118cbf8e37b6f5c672d51b08de3cc253ac07e0