Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libgd3 | Distribution: SUSE Linux Enterprise 15 |
Version: 2.2.5 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 11.3.1 | Build date: Thu Sep 16 12:28:47 2021 |
Group: System/Libraries | Build host: cabernet |
Size: 525835 | Source RPM: gd-2.2.5-11.3.1.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://libgd.github.io/ | |
Summary: A Drawing Library for Programs That Use PNG and JPEG Output |
Gd allows your code to quickly draw images complete with lines, arcs, text, and multiple colors. It supports cut and paste from other images and flood fills. It outputs PNG, JPEG, and WBMP (for wireless devices) and is supported by PHP.
MIT
* Tue Sep 14 2021 pgajdos@suse.com - security update - added patches fix CVE-2021-40812 [bsc#1190400], out-of-bounds read in GD library + gd-CVE-2021-40812.patch * Wed Mar 04 2020 pgajdos@suse.com - security update - added patches fix CVE-2018-14553 [bsc#1165471], null pointer dereference in gdImageClone() + gd-CVE-2018-14553.patch * Tue Jul 16 2019 pgajdos@suse.com - security update - added patches CVE-2019-11038 [bsc#1140120] + gd-CVE-2019-11038.patch * Thu May 30 2019 pgajdos@suse.com - change order while installing splitted library [bsc#1136574] * Thu Jan 31 2019 pgajdos@suse.com - security update * CVE-2019-6978 [bsc#1123522] + gd-CVE-2019-6978.patch * CVE-2019-6977 [bsc#1123361] + gd-CVE-2019-6977.patch * Mon Aug 27 2018 pgajdos@suse.com - security update: * CVE-2018-1000222 [bsc#1105434] + gd-CVE-2018-1000222.patch * Mon Jan 22 2018 pgajdos@suse.com - security update: * CVE-2018-5711 [bsc#1076391] + gd-CVE-2018-5711.patch * Tue Sep 05 2017 pgajdos@suse.com - Version update to 2.2.5: [#]## Security - Double-free in gdImagePngPtr(). (CVE-2017-6362) - Buffer over-read into uninitialized memory. (CVE-2017-7890) [#]## Fixed - Fix #109: XBM reading fails with printed error - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable - Fix #357: 2.2.4: Segfault in test suite - Fix #386: gdImageGrayScale() may produce colors - Fix #406: webpng -i removes the transparent color - Fix Coverity #155475: Failure to restore alphaBlendingFlag - Fix Coverity #155476: potential resource leak - Fix several build issues and test failures - Fix and reenable optimized support for reading 1 bps TIFFs [#]## Added - The native MSVC buildchain now supports libtiff and most executables - removed patches (upstreamed): . gd-freetype.patch . gd-rounding.patch * Tue Aug 15 2017 lnussel@suse.de - Don't fail gdimagegrayscale/basic on SLE15 (boo#1053825) * Fri Jul 21 2017 tchvatal@suse.com - Add patch gd-rounding.patch - Set again the cflags so other archs do not fail testsuite * Fri Jul 07 2017 tchvatal@suse.com - Version update to 2.2.4: * gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283 * double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284 * potential unsigned underflow in gd_interpolation.c (CVE-2016-10166) bsc#1022263 * DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167) bsc#1022264 * Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265 - Remove patches merged/obsoleted by upstream: * gd-config.patch * gd-disable-freetype27-failed-tests.patch * gd-test-unintialized-var.patch - Add patch gd-freetype.patch taking patch from upstream for freetype 2.7 * Fri Dec 09 2016 pgajdos@suse.com - devel package also require libwebp-devel * Thu Dec 08 2016 crrodriguez@opensuse.org - Support webp format, BuildRequires libwebp-devel * Thu Dec 08 2016 crrodriguez@opensuse.org - Honour %optflags correctly. * Fri Sep 30 2016 badshah400@gmail.com - Update to version 2.2.3: + Security fixes: - Php bug#72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766) - Issue gh/libgd/libgd#247: A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132) - Issue gh/libgd/libgd#247: Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214) - Issue gh/libgd/libgd#248: fix Out-Of-Bounds Read in read_image_tga - Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207) - Fix php bug#72494, invalid color index not handled, can lead to crash (CVE-2016-6128) + Improve color check for CropThreshold + gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php's bundled gd. - Drop patches: + gd-CVE-2016-5116.patch: upstreamed + gd-CVE-2016-6132.patch: upstreamed + gd-CVE-2016-6214.patch: upstreamed + gd-CVE-2016-6905.patch: upstreamed + gd-libvpx.patch: vpx support dropped. - Add BuildRequires for automake and autoconf since gd-disable-freetype27-failed-tests.patch touches makefiles. - Drop getver.pl from source: included in upstream tarball. - Add "-msse -mfpmath=sse" to CFLAGS to fix tests on ix86 architectures. - Add "-ffp-contract=off" to CFLAGS for non-ix86 arch (ppc, arm) to fix a test: see gh#libgd/libgd#278. - Add gd-test-unintialized-var.patch to fix an uninitialised variable in tests/gd2/gd2_read.c to prevent it from compiling with -Werror (only causes problems in no ix86 arch surprisingly); patch sent upstream. - Rebase gd-disable-freetype27-failed-tests.patch for updated version. - Update URL and Source to project's new github URL's. * Thu Sep 29 2016 badshah400@gmail.com - Add gd-disable-freetype27-failed-tests.patch: Disable for now tests failing against freetype >= 2.7 for being too exact (gh#libgd/libgd#302). The failures have been understood by upstream to be due to minor differences between test images and those generated when freeetype >= 2.7 is used to build gd. * Tue Aug 23 2016 pgajdos@suse.com - security update: * CVE-2016-6132 [bsc#987577] + gd-CVE-2016-6132.patch * CVE-2016-6214 [bsc#991436] + gd-CVE-2016-6214.patch * CVE-2016-6905 [bsc#995034] + gd-CVE-2016-6905.patch * Mon May 30 2016 pgajdos@suse.com - security update: * CVE-2016-5116 [bsc#982176] + gd-CVE-2016-5116.patch * Tue Mar 01 2016 pgajdos@suse.com - add missing config/getver.pl [bsc#965190] * Tue May 12 2015 joerg.lorenzen@ki.tng.de - Added patch gd-libvpx.patch to enable build against libvpx >= 1.4, new VPX_ prefixed namespaces are available since libvpx = 0.9.1. * Sat Feb 28 2015 mpluskal@suse.com - Cleanup spec file with spec-cleaner - No longer needed patches * gd-2.1.0-CVE-2014-2497.patch * gd-autoconf.patch - Update to 2.1.1 * changelog provided only as commit log (see Changelog) * fix for CVE-2014-2497
/usr/lib64/libgd.so.3 /usr/lib64/libgd.so.3.0.5 /usr/share/doc/packages/libgd3 /usr/share/doc/packages/libgd3/COPYING
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 19:51:39 2024