gd 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1264351614
업데이트 : 2010.01.25
상세내용
- 보안버그 수정 사항
. CVE-2009-3546
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1,
and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal
structure member, which might allow remote attackers to conduct buffer overflow
or buffer over-read attacks via a crafted GD file, a different vulnerability
than CVE-2009-3293. NOTE: some of these details are obtained from third party
information.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. gd-2.0.28-5.4E.el4.1.i686.rpm
. gd-progs-2.0.28-5.4E.el4.1.i686.rpm
. gd-devel-2.0.28-5.4E.el4.1.i686.rpm
SRPMS :
. gd-2.0.28-5.4E.el4.1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
|