1
Candidate: CVE-2016-7126
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126
5
http://www.openwall.com/lists/oss-security/2016/09/02/5
7
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25
8
and 7.x before 7.0.10 does not properly validate the number of colors,
9
which allows remote attackers to cause a denial of service (select_colors
10
allocation error and out-of-bounds write) or possibly have unspecified
11
other impact via a large value in the third argument.
14
tyhicks> The PHP bug states that libgd2 is not affected and I've verified this
15
through code review and testing.
17
https://bugs.php.net/bug.php?id=72697
23
upstream_libgd2: not-affected (overflow checks performed)
24
precise_libgd2: not-affected (overflow checks performed)
25
trusty_libgd2: not-affected (overflow checks performed)
26
vivid/stable-phone-overlay_libgd2: DNE
27
vivid/ubuntu-core_libgd2: DNE
28
xenial_libgd2: not-affected
29
devel_libgd2: not-affected (overflow checks performed)
32
upstream_php5: needs-triage
33
precise_php5: not-affected (uses system gd)
34
trusty_php5: not-affected (uses system gd)
35
vivid/ubuntu-core_php5: DNE
36
vivid/stable-phone-overlay_php5: DNE
41
upstream: https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1
42
upstream_php7.0: needs-triage
45
vivid/ubuntu-core_php7.0: DNE
46
vivid/stable-phone-overlay_php7.0: DNE
47
xenial_php7.0: not-affected (uses system gd)
48
devel_php7.0: not-affected (uses system gd)