Replies: 1 comment
-
CVE-2021-38115 has been fixed with 8b111b2, which is available as of libgd 2.3.3. CVE-2021-40812 has been partially fixed with 6f51368, which is available as of libgd 2.3.3. The issue is not yet fixed for GIFs. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Please add a note to CHANGELOG with these CVEs if they are fixed:
https://nvd.nist.gov/vuln/detail/CVE-2021-38115 and https://nvd.nist.gov/vuln/detail/CVE-2021-40812 apply to libgd through 2.3.2, but there is no mention in CHANGELOG.
https://github.com/meweez claims to have fixed it in 8b111b2 (patch) but that says it can't find the commit.
Links from CVE-2021-38115:
#697
8b111b2
Links from CVE-2021-40812:
6f51368
#750 (comment)
Thanks.
Beta Was this translation helpful? Give feedback.
All reactions