Errata overview
Errata ID 323
Date 2015-09-23
Source package libgd2
Fixed in version 2.0.36~rc1~dfsg-
Multiple security vulnerabilities were fixed in libgd2:
* The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in
  PHP 5.4.26 and earlier, allows remote attackers to cause a denial
  of service (NULL pointer dereference and application crash) via a
  crafted color table in an XPM file (CVE-2014-2497).
* Potential crash of long running service due to buffer read overflow
  in gd_gif_in.c when reading crafted GIFs (CVE-2014-9709).
Additional notes
CVE ID CVE-2014-2497
UCS Bug number #37089