Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libgd3-2.2.5-lp152.8.3 RPM for x86_64

From OpenSuSE Leap 15.2 for x86_64

Name: libgd3 Distribution: openSUSE Leap 15.2
Version: 2.2.5 Vendor: openSUSE
Release: lp152.8.3 Build date: Sat May 16 19:31:47 2020
Group: System/Libraries Build host: lamb51
Size: 415427 Source RPM: gd-2.2.5-lp152.8.3.src.rpm
Packager: https://bugs.opensuse.org
Url: https://libgd.github.io/
Summary: A Drawing Library for Programs That Use PNG and JPEG Output
Gd allows your code to quickly draw images complete with lines, arcs,
text, and multiple colors. It supports cut and paste from other images
and flood fills. It outputs PNG, JPEG, and WBMP (for wireless devices)
and is supported by PHP.

Provides

Requires

License

MIT

Changelog

* Wed Mar 04 2020 pgajdos@suse.com
  - security update
  - added patches
    fix CVE-2018-14553 [bsc#1165471], null pointer dereference in gdImageClone()
    + gd-CVE-2018-14553.patch
* Tue Jul 16 2019 pgajdos@suse.com
  - security update
  - added patches
    CVE-2019-11038 [bsc#1140120]
    + gd-CVE-2019-11038.patch
* Thu May 30 2019 pgajdos@suse.com
  - change order while installing splitted library [bsc#1136574]
* Thu Jan 31 2019 Petr Gajdos <pgajdos@suse.com>
  - security update
    * CVE-2019-6978 [bsc#1123522]
      + gd-CVE-2019-6978.patch
    * CVE-2019-6977 [bsc#1123361]
      + gd-CVE-2019-6977.patch
* Mon Aug 27 2018 pgajdos@suse.com
  - security update:
    * CVE-2018-1000222 [bsc#1105434]
      + gd-CVE-2018-1000222.patch
* Mon Jan 22 2018 pgajdos@suse.com
  - security update:
    * CVE-2018-5711 [bsc#1076391]
      + gd-CVE-2018-5711.patch
* Tue Sep 05 2017 pgajdos@suse.com
  - Version update to 2.2.5:
    [#]## Security
    - Double-free in gdImagePngPtr(). (CVE-2017-6362)
    - Buffer over-read into uninitialized memory. (CVE-2017-7890)
    [#]## Fixed
    - Fix #109: XBM reading fails with printed error
    - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable
    - Fix #357: 2.2.4: Segfault in test suite
    - Fix #386: gdImageGrayScale() may produce colors
    - Fix #406: webpng -i removes the transparent color
    - Fix Coverity #155475: Failure to restore alphaBlendingFlag
    - Fix Coverity #155476: potential resource leak
    - Fix several build issues and test failures
    - Fix and reenable optimized support for reading 1 bps TIFFs
    [#]## Added
    - The native MSVC buildchain now supports libtiff and most executables
  - removed patches (upstreamed):
    . gd-freetype.patch
    . gd-rounding.patch
* Tue Aug 15 2017 lnussel@suse.de
  - Don't fail gdimagegrayscale/basic on SLE15 (boo#1053825)
* Fri Jul 21 2017 tchvatal@suse.com
  - Add patch gd-rounding.patch
  - Set again the cflags so other archs do not fail testsuite
* Fri Jul 07 2017 tchvatal@suse.com
  - Version update to 2.2.4:
    * gdImageCreate() doesn't check for oversized images and as such is prone
      to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283
    * double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284
    * potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
      bsc#1022263
    * DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
      bsc#1022264
    * Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265
  - Remove patches merged/obsoleted by upstream:
    * gd-config.patch
    * gd-disable-freetype27-failed-tests.patch
    * gd-test-unintialized-var.patch
  - Add patch gd-freetype.patch taking patch from upstream for
    freetype 2.7
* Fri Dec 09 2016 pgajdos@suse.com
  - devel package also require libwebp-devel
* Thu Dec 08 2016 crrodriguez@opensuse.org
  - Support webp format, BuildRequires libwebp-devel
* Thu Dec 08 2016 crrodriguez@opensuse.org
  - Honour %optflags correctly.
* Fri Sep 30 2016 badshah400@gmail.com
  - Update to version 2.2.3:
    + Security fixes:
    - Php bug#72339, Integer Overflow in _gd2GetHeader
      (CVE-2016-5766)
    - Issue gh/libgd/libgd#247: A read out-of-bands was found in
      the parsing of TGA files (CVE-2016-6132)
    - Issue gh/libgd/libgd#247: Buffer over-read issue when
      parsing crafted TGA file (CVE-2016-6214)
    - Issue gh/libgd/libgd#248: fix Out-Of-Bounds Read in
      read_image_tga
    - Integer overflow error within _gdContributionsAlloc()
      (CVE-2016-6207)
    - Fix php bug#72494, invalid color index not handled, can lead
      to crash (CVE-2016-6128)
    + Improve color check for CropThreshold
    + gdImageCopyResampled has been improved. Better handling of
      images with alpha channel, also brings libgd in sync with
      php's bundled gd.
  - Drop patches:
    + gd-CVE-2016-5116.patch: upstreamed
    + gd-CVE-2016-6132.patch: upstreamed
    + gd-CVE-2016-6214.patch: upstreamed
    + gd-CVE-2016-6905.patch: upstreamed
    + gd-libvpx.patch: vpx support dropped.
  - Add BuildRequires for automake and autoconf since
    gd-disable-freetype27-failed-tests.patch touches makefiles.
  - Drop getver.pl from source: included in upstream tarball.
  - Add "-msse -mfpmath=sse" to CFLAGS to fix tests on ix86
    architectures.
  - Add "-ffp-contract=off" to CFLAGS for non-ix86 arch (ppc, arm)
    to fix a test: see gh#libgd/libgd#278.
  - Add gd-test-unintialized-var.patch to fix an uninitialised
    variable in tests/gd2/gd2_read.c to prevent it from compiling
    with -Werror (only causes problems in no ix86 arch
    surprisingly); patch sent upstream.
  - Rebase gd-disable-freetype27-failed-tests.patch for updated
    version.
  - Update URL and Source to project's new github URL's.
* Thu Sep 29 2016 badshah400@gmail.com
  - Add gd-disable-freetype27-failed-tests.patch: Disable for now
    tests failing against freetype >= 2.7 for being too exact
    (gh#libgd/libgd#302). The failures have been understood by
    upstream to be due to minor differences between test images and
    those generated when freeetype >= 2.7 is used to build gd.
* Tue Aug 23 2016 pgajdos@suse.com
  - security update:
    * CVE-2016-6132 [bsc#987577]
      + gd-CVE-2016-6132.patch
    * CVE-2016-6214 [bsc#991436]
      + gd-CVE-2016-6214.patch
    * CVE-2016-6905 [bsc#995034]
      + gd-CVE-2016-6905.patch
* Mon May 30 2016 pgajdos@suse.com
  - security update:
    * CVE-2016-5116 [bsc#982176]
      + gd-CVE-2016-5116.patch
* Tue Mar 01 2016 pgajdos@suse.com
  - add missing config/getver.pl [bsc#965190]
* Tue May 12 2015 joerg.lorenzen@ki.tng.de
  - Added patch gd-libvpx.patch to enable build against libvpx >= 1.4,
    new VPX_ prefixed namespaces are available since libvpx = 0.9.1.
* Sat Feb 28 2015 mpluskal@suse.com
  - Cleanup spec file with spec-cleaner
  - No longer needed patches
    * gd-2.1.0-CVE-2014-2497.patch
    * gd-autoconf.patch
  - Update to 2.1.1
    * changelog provided only as commit log (see Changelog)
    * fix for CVE-2014-2497

Files

/usr/lib64/libgd.so.3
/usr/lib64/libgd.so.3.0.5
/usr/share/doc/packages/libgd3
/usr/share/doc/packages/libgd3/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 11:31:35 2024