SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgd3-2.2.4-150300.3.8.x86_64.rpm :

* Tue Aug 15 2017 lnusselAATTsuse.de- Don\'t fail gdimagegrayscale/basic on SLE15 (boo#1053825)
* Fri Jul 21 2017 tchvatalAATTsuse.com- Add patch gd-rounding.patch- Set again the cflags so other archs do not fail testsuite
* Fri Jul 07 2017 tchvatalAATTsuse.com- Version update to 2.2.4:
* gdImageCreate() doesn\'t check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283
* double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284
* potential unsigned underflow in gd_interpolation.c (CVE-2016-10166) bsc#1022263
* DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167) bsc#1022264
* Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265- Remove patches merged/obsoleted by upstream:
* gd-config.patch
* gd-disable-freetype27-failed-tests.patch
* gd-test-unintialized-var.patch- Add patch gd-freetype.patch taking patch from upstream for freetype 2.7
* Fri Dec 09 2016 pgajdosAATTsuse.com- devel package also require libwebp-devel
* Thu Dec 08 2016 crrodriguezAATTopensuse.org- Support webp format, BuildRequires libwebp-devel
* Thu Dec 08 2016 crrodriguezAATTopensuse.org- Honour %optflags correctly.
* Fri Sep 30 2016 badshah400AATTgmail.com- Update to version 2.2.3: + Security fixes: - Php bug#72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766) - Issue gh/libgd/libgd#247: A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132) - Issue gh/libgd/libgd#247: Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214) - Issue gh/libgd/libgd#248: fix Out-Of-Bounds Read in read_image_tga - Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207) - Fix php bug#72494, invalid color index not handled, can lead to crash (CVE-2016-6128) + Improve color check for CropThreshold + gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php\'s bundled gd.- Drop patches: + gd-CVE-2016-5116.patch: upstreamed + gd-CVE-2016-6132.patch: upstreamed + gd-CVE-2016-6214.patch: upstreamed + gd-CVE-2016-6905.patch: upstreamed + gd-libvpx.patch: vpx support dropped.- Add BuildRequires for automake and autoconf since gd-disable-freetype27-failed-tests.patch touches makefiles.- Drop getver.pl from source: included in upstream tarball.- Add \"-msse -mfpmath=sse\" to CFLAGS to fix tests on ix86 architectures.- Add \"-ffp-contract=off\" to CFLAGS for non-ix86 arch (ppc, arm) to fix a test: see gh#libgd/libgd#278.- Add gd-test-unintialized-var.patch to fix an uninitialised variable in tests/gd2/gd2_read.c to prevent it from compiling with -Werror (only causes problems in no ix86 arch surprisingly); patch sent upstream.- Rebase gd-disable-freetype27-failed-tests.patch for updated version.- Update URL and Source to project\'s new github URL\'s.
* Thu Sep 29 2016 badshah400AATTgmail.com- Add gd-disable-freetype27-failed-tests.patch: Disable for now tests failing against freetype >= 2.7 for being too exact (gh#libgd/libgd#302). The failures have been understood by upstream to be due to minor differences between test images and those generated when freeetype >= 2.7 is used to build gd.
* Tue Aug 23 2016 pgajdosAATTsuse.com- security update:
* CVE-2016-6132 [bsc#987577] + gd-CVE-2016-6132.patch
* CVE-2016-6214 [bsc#991436] + gd-CVE-2016-6214.patch
* CVE-2016-6905 [bsc#995034] + gd-CVE-2016-6905.patch
* Mon May 30 2016 pgajdosAATTsuse.com- security update:
* CVE-2016-5116 [bsc#982176] + gd-CVE-2016-5116.patch
* Tue Mar 01 2016 pgajdosAATTsuse.com- add missing config/getver.pl [bsc#965190]
* Tue May 12 2015 joerg.lorenzenAATTki.tng.de- Added patch gd-libvpx.patch to enable build against libvpx >= 1.4, new VPX_ prefixed namespaces are available since libvpx = 0.9.1.
* Sat Feb 28 2015 mpluskalAATTsuse.com- Cleanup spec file with spec-cleaner- No longer needed patches
* gd-2.1.0-CVE-2014-2497.patch
* gd-autoconf.patch- Update to 2.1.1
* changelog provided only as commit log (see Changelog)
* fix for CVE-2014-2497
 
ICM