-
libgd2 (2.2.5-3) unstable; urgency=medium
* Disable gdimagerotate/bug00067 because it FTBFS on i386
-- Ondřej Surý <email address hidden> Tue, 05 Sep 2017 13:46:57 +0200
-
libgd2 (2.2.5-2ubuntu1) artful; urgency=medium
[ Ondřej Surý ]
* Disable gdimagerotate/bug00067 because it FTBFS on i386 (LP: #1717016)
-- Balint Reczey <email address hidden> Wed, 13 Sep 2017 22:03:26 +0200
-
libgd2 (2.2.5-2) unstable; urgency=medium
* Fix OOB read due to crafted GD/GD2 images
* Disable gdimagecopyresampled/bug00201 that makes some platforms to FTBFS
-- Ondřej Surý <email address hidden> Mon, 04 Sep 2017 09:43:31 +0200
-
libgd2 (2.2.5-1) unstable; urgency=high
* New upstream version 2.2.5
+ [CVE-2017-6362]: Double-free in gdImagePngPtr().
+ [CVE-2017-7890]: Buffer over-read into uninitialized memory.
* Update d/watch for the github releases
* Refresh patches for the 2.2.5 release
-- Ondřej Surý <email address hidden> Wed, 30 Aug 2017 14:21:43 +0200
-
libgd2 (2.2.4-2ubuntu1) artful; urgency=medium
* SECURITY UPDATE: memory read vulnerability in GIF
- debian/patches/CVE-2017-7890.patch: zeroing buffers to avoid
information leak and adding test in src/gd_gif_in.c,
tests/gif/CMakeLists.txt, tests/gif/MakeModule.am,
tests/gif/uninitialized_memory_read.c,
tests/gif/unitialized_memory_read.gif.
- CVE-2017-7890
* Fixing test fail for freetype 2.7
- debian/patches/fix-test-fails-freetype2_7.patch: disable
subpixel hinting in tests/freetype/bug00132.c,
tests/gdimagestringft/gdimagestrinft_bbox.c
-- <email address hidden> (Leonidas S. Barbosa) Thu, 10 Aug 2017 14:17:46 -0300
-
libgd2 (2.2.4-2) unstable; urgency=medium
* Apply correct patch on tiff_invalid_read
-- Ondřej Surý <email address hidden> Wed, 18 Jan 2017 21:06:46 +0100
