[php-maint] Bug#439927: CVE-2007-4033: Buffer overflow in GD extension
Thijs Kinkhorst
thijs at debian.org
Tue Aug 28 14:28:00 UTC 2007
Package: php5
Tags: security
Hi,
A security issue has been reported against the GD extension in PHP:
> Buffer overflow in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3
> allows context-dependent attackers to execute arbitrary code via a long
> argument to the imagepsloadfont function.
I've tried to assess whether Debian is vulnerable to this, but cannot come to
a definitive "yes" or "no". Could you please investigate?
thanks
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070828/e756234f/attachment.pgp
More information about the pkg-php-maint
mailing list