CentOS 6 ELS: gd package gradual rollout
A new updated gd package within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.
Rollout slot: 3
Rolled out to: 0.1%
ETA for 100% rollout: November 2
Errata: https://errata.cloudlinux.com/els6/CLSA-2021-1634650263.html
CHANGELOG
gd-2.0.35-12.el6.cloudlinux.
- Add check for memory allocation errors processing GD2 images (CVE-2021-40145)
- Make sure transparent index is within bounds of the palette (CVE-2017-6363)
UPDATE COMMAND
yum update gd*
IMMEDIATE UPDATE (VIA BYPASS)
yum update gd* --enablerepo=ELS6-rollout-3-bypass