FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libgd -- integer overflow which could lead to heap buffer overflow

Affected packages
gd <= 2.2.3
php70-gd <= 7.0.11
php56-gd <= 5.6.26

Details

VuXML ID 2a526c78-84ab-11e6-a4a1-60a44ce6887b
Discovery 2016-09-02
Entry 2016-10-11
Modified 2016-10-18

LibGD reports:

An integer overflow issue was found in function gdImageWebpCtx of file gd_webp.c which could lead to heap buffer overflow.

References

FreeBSD PR ports/213023
URL https://bugs.php.net/bug.php?id=73003
URL https://github.com/libgd/libgd/issues/308