Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 10 Nov 2009 07:38:38 +0100
From:      Arek Czereszewski <arek@wup-katowice.pl>
To:        freebsd-questions@freebsd.org
Subject:   php4-gd
Message-ID:  <4AF90A6E.3040907@wup-katowice.pl>

Next in thread | Raw E-Mail | Index | Archive | Help
Hello,

I have on some web servers php4-gd port installed
and I am totally confused.
Portaudit says

Affected package: php4-gd-4.4.9
Type of problem: gd -- '_gdGetColors' remote buffer overflow
vulnerability.
Reference: 
<http://portaudit.FreeBSD.org/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html>;

On this site is info about: 5.2.11 and 5.3.0

On Securityfocus is info also about 4.4.9
but on cve.mitre.org is not.

Any idea where is the true?
Are my servers with php4-gd are secure or not?

Regards
Arek

-- 
Arek Czereszewski
arek (at) wup-katowice (dot) pl
"UNIX allows me to work smarter, not harder."



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?4AF90A6E.3040907>