5 - USN-4316-1

A security issue affects these releases of Ubuntu and its
derivatives:



- Ubuntu 19.10

- Ubuntu 18.04 LTS

- Ubuntu 16.04 LTS



Summary:



Several security issues were fixed in GD Graphics
Library.



Software Description:

- libgd2: Open source code library for the dynamic creation of
images



Details:



It was discovered that GD Graphics Library incorrectly handled
cloning an

image. An attacker could possibly use this issue to cause GD
Graphics Library

to crash, resulting in a denial of service. (CVE-2018-14553)



It was discovered that GD Graphics Library incorrectly handled
loading images

from X bitmap format files. An attacker could possibly use this
issue to cause

GD Graphics Library to crash, resulting in a denial of service,
or to disclose

contents of the stack that has been left there by previous code.
This issue

only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.
(CVE-2019-11038) style="font-style: normal; font-variant-ligatures: normal;
font-variant-caps: normal; font-weight: 400; letter-spacing:
normal; text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; word-spacing: 0px;
-webkit-text-stroke-width: 0px; text-decoration-style: initial;
text-decoration-color: initial; font-family: Arial, Helvetica,
sans-serif; font-size: small; background-color: rgb(255, 255,
255);">



Update instructions:



The problem can be corrected by updating your system to the
following

package versions:



Ubuntu 19.10:

 libgd-tools           2.2.5-5.2ubuntu0.19.10.1

 libgd3             2.2.5-5.2ubuntu0.19.10.1



Ubuntu 18.04 LTS:

 libgd-tools           2.2.5-4ubuntu0.4

 libgd3             2.2.5-4ubuntu0.4



Ubuntu 16.04 LTS:

 libgd-tools           2.1.1-4ubuntu0.16.04.12

 libgd3             2.1.1-4ubuntu0.16.04.12



In general, a standard system update will make all the necessary
changes.



References: