SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for gd-2.0.33-9tr.i586.rpm :
Wed Aug 8 14:00:00 2007 Nived Gopalan 2.0.33-9tr
- SECURITY Fix: Some vulnerabilities have been reported in the GD
Graphics Library, where some have unknown impact and others can
potentially be exploited to cause a DoS (SA25855).
Includes fixes for CVE-2007-3472 to CVE-2007-3478.

Thu May 24 14:00:00 2007 Nived Gopalan 2.0.33-8tr
- SECURITY Fix: Xavier Roche has reported a vulnerability in GD
Graphics Library caused due to the incorrect use of libpng within
the function \"gdPngReadData()\" when processing truncated data.
This can be exploited to cause an infinite loop by e.g. tricking
an application using the library to process a specially crafted file.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-2756 to this issue.

Wed Feb 7 13:00:00 2007 Bipin S 2.0.33-7tr
- SECURITY Fix: Buffer overflow in the gdImageStringFTEx function
in gdft.c in GD Graphics Library allows remote attackers to cause
a denial of service (application crash) and possibly execute
arbitrary code via a crafted string with a JIS encoded font.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-0455 to this issue.

Thu Jun 29 14:00:00 2006 Nived Gopalan 2.0.33-6tr
- SECURITY Fix: Xavier Roche has discovered a vulnerability in the GD
Graphics Library, caused due to an infinite loop error within the
handling of GIF images. This can be exploited to consume a large
amount of CPU resources when the \"gdImageCreateFromGifPtr()\" function
is used with a specially crafted GIF image.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-2906 to this issue.

Wed Mar 16 13:00:00 2005 Lakshmi Dinamoni 2.0.33-4tr
- Add security patch

Fri Nov 12 13:00:00 2004 Oystein Viggen 2.0.33-3tr
- Add patch for CAN-2004-0941.
Patch provided by Stew Benedict

Tue Nov 9 13:00:00 2004 Erlend Midttun 2.0.33-2tr
- Now require freeype as opposed to libfreetype.

Thu Nov 4 13:00:00 2004 Erlend Midttun 2.0.33-1tr
- New upstream. Fixes security holes.

Fri Sep 24 14:00:00 2004 Syed Shabir 2.0.26-2tr
- New upstream

Mon Aug 9 14:00:00 2004 Oystein Viggen 2.0.22-2tr
- Rebuild for Enterprise Server 2

Mon Apr 19 14:00:00 2004 Goetz Bock 2.0.22-1bg
- new upstream: 2.0.22 and 2.0.21gif_040120
- merged this versiones
- don\'t link with the x libraries

Mon Mar 8 13:00:00 2004 Chr. Toldnes
- Rebuilt for TSL 2.1

Sat Oct 25 14:00:00 2003 Goetz Bock 2.0.15-3bg
- switched to inofficial version with gif support
- this needs more auto tools

Sun Oct 12 14:00:00 2003 Goetz Bock 2.0.15-2bg
- added libfreetype support

Sat Oct 11 14:00:00 2003 Goetz Bock 2.0.15-1bg
- new upstream: 2.0.15
- removed freetype
- build for Cloud (Tawie 2.0) - Contrib

Wed Apr 10 14:00:00 2002 Goetz Bock 2.0.1-0bn
- initial build for Trustix BlackNet Edition


  
ICM