Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
gd.10569
gd.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gd.changes of Package gd.10569
------------------------------------------------------------------- Thu Jan 31 11:23:46 UTC 2019 - Petr Gajdos <pgajdos@suse.com> - security update * CVE-2019-6978 [bsc#1123522] + gd-CVE-2019-6978.patch * CVE-2019-6977 [bsc#1123361] + gd-CVE-2019-6977.patch ------------------------------------------------------------------- Mon Aug 27 14:02:05 UTC 2018 - pgajdos@suse.com - security update: * CVE-2018-1000222 [bsc#1105434] + gd-CVE-2018-1000222.patch ------------------------------------------------------------------- Mon Jan 22 14:58:51 UTC 2018 - pgajdos@suse.com - security update: * CVE-2018-5711 [bsc#1076391] + gd-CVE-2018-5711.patch ------------------------------------------------------------------- Tue Sep 5 13:49:20 UTC 2017 - pgajdos@suse.com - Version update to 2.2.5: ### Security - Double-free in gdImagePngPtr(). (CVE-2017-6362) - Buffer over-read into uninitialized memory. (CVE-2017-7890) ### Fixed - Fix #109: XBM reading fails with printed error - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable - Fix #357: 2.2.4: Segfault in test suite - Fix #386: gdImageGrayScale() may produce colors - Fix #406: webpng -i removes the transparent color - Fix Coverity #155475: Failure to restore alphaBlendingFlag - Fix Coverity #155476: potential resource leak - Fix several build issues and test failures - Fix and reenable optimized support for reading 1 bps TIFFs ### Added - The native MSVC buildchain now supports libtiff and most executables - removed patches (upstreamed): . gd-freetype.patch . gd-rounding.patch ------------------------------------------------------------------- Tue Aug 15 09:19:05 UTC 2017 - lnussel@suse.de - Don't fail gdimagegrayscale/basic on SLE15 (boo#1053825) ------------------------------------------------------------------- Fri Jul 21 11:29:06 UTC 2017 - tchvatal@suse.com - Add patch gd-rounding.patch - Set again the cflags so other archs do not fail testsuite ------------------------------------------------------------------- Fri Jul 7 10:54:11 UTC 2017 - tchvatal@suse.com - Version update to 2.2.4: * gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283 * double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284 * potential unsigned underflow in gd_interpolation.c (CVE-2016-10166) bsc#1022263 * DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167) bsc#1022264 * Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265 - Remove patches merged/obsoleted by upstream: * gd-config.patch * gd-disable-freetype27-failed-tests.patch * gd-test-unintialized-var.patch - Add patch gd-freetype.patch taking patch from upstream for freetype 2.7 ------------------------------------------------------------------- Fri Dec 9 17:09:40 UTC 2016 - pgajdos@suse.com - devel package also require libwebp-devel ------------------------------------------------------------------- Thu Dec 8 14:33:22 UTC 2016 - crrodriguez@opensuse.org - Support webp format, BuildRequires libwebp-devel ------------------------------------------------------------------- Thu Dec 8 14:20:54 UTC 2016 - crrodriguez@opensuse.org - Honour %optflags correctly. ------------------------------------------------------------------- Fri Sep 30 14:59:25 UTC 2016 - badshah400@gmail.com - Update to version 2.2.3: + Security fixes: - Php bug#72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766) - Issue gh/libgd/libgd#247: A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132) - Issue gh/libgd/libgd#247: Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214) - Issue gh/libgd/libgd#248: fix Out-Of-Bounds Read in read_image_tga - Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207) - Fix php bug#72494, invalid color index not handled, can lead to crash (CVE-2016-6128) + Improve color check for CropThreshold + gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php's bundled gd. - Drop patches: + gd-CVE-2016-5116.patch: upstreamed + gd-CVE-2016-6132.patch: upstreamed + gd-CVE-2016-6214.patch: upstreamed + gd-CVE-2016-6905.patch: upstreamed + gd-libvpx.patch: vpx support dropped. - Add BuildRequires for automake and autoconf since gd-disable-freetype27-failed-tests.patch touches makefiles. - Drop getver.pl from source: included in upstream tarball. - Add "-msse -mfpmath=sse" to CFLAGS to fix tests on ix86 architectures. - Add "-ffp-contract=off" to CFLAGS for non-ix86 arch (ppc, arm) to fix a test: see gh#libgd/libgd#278. - Add gd-test-unintialized-var.patch to fix an uninitialised variable in tests/gd2/gd2_read.c to prevent it from compiling with -Werror (only causes problems in no ix86 arch surprisingly); patch sent upstream. - Rebase gd-disable-freetype27-failed-tests.patch for updated version. - Update URL and Source to project's new github URL's. ------------------------------------------------------------------- Thu Sep 29 14:06:53 UTC 2016 - badshah400@gmail.com - Add gd-disable-freetype27-failed-tests.patch: Disable for now tests failing against freetype >= 2.7 for being too exact (gh#libgd/libgd#302). The failures have been understood by upstream to be due to minor differences between test images and those generated when freeetype >= 2.7 is used to build gd. ------------------------------------------------------------------- Tue Aug 23 11:16:25 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-6132 [bsc#987577] + gd-CVE-2016-6132.patch * CVE-2016-6214 [bsc#991436] + gd-CVE-2016-6214.patch * CVE-2016-6905 [bsc#995034] + gd-CVE-2016-6905.patch ------------------------------------------------------------------- Mon May 30 13:17:18 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-5116 [bsc#982176] + gd-CVE-2016-5116.patch ------------------------------------------------------------------- Tue Mar 1 15:32:40 UTC 2016 - pgajdos@suse.com - add missing config/getver.pl [bsc#965190] ------------------------------------------------------------------- Tue May 12 14:11:33 UTC 2015 - joerg.lorenzen@ki.tng.de - Added patch gd-libvpx.patch to enable build against libvpx >= 1.4, new VPX_ prefixed namespaces are available since libvpx = 0.9.1. ------------------------------------------------------------------- Sat Feb 28 08:44:08 UTC 2015 - mpluskal@suse.com - Cleanup spec file with spec-cleaner - No longer needed patches * gd-2.1.0-CVE-2014-2497.patch * gd-autoconf.patch - Update to 2.1.1 * changelog provided only as commit log (see Changelog) * fix for CVE-2014-2497 ------------------------------------------------------------------- Tue Aug 26 05:58:53 UTC 2014 - jengelh@inai.de - Resolve build failure with automake-1.14 ------------------------------------------------------------------- Fri Jun 27 12:05:59 UTC 2014 - meissner@suse.com - split out libgd3, so libgd2 could be installed in parallel. ------------------------------------------------------------------- Thu Apr 17 17:51:34 UTC 2014 - tchvatal@suse.com - Add tiff and vpx to the devel deps as it is in .pc file. ------------------------------------------------------------------- Thu Apr 10 07:08:18 UTC 2014 - pgajdos@suse.com - build against libtiff and libvpx ------------------------------------------------------------------- Fri Apr 4 12:21:22 UTC 2014 - pgajdos@suse.com - fixed NULL ptr deref in GD XPM decoder [bnc#868624] * CVE-2014-2497.patch ------------------------------------------------------------------- Fri Dec 27 07:42:11 UTC 2013 - tchvatal@suse.com - Cleanup here&there to parallelize everything - Remove bogus cmake dependency ------------------------------------------------------------------- Tue Dec 17 14:30:38 UTC 2013 - pgajdos@suse.com - updated to 2.1.0 - removed warn.patch (not needed) - removed ppc64.patch (upstreamed) - removed gd-png_check_sig.patch (upstreamed) ------------------------------------------------------------------- Sun Feb 3 14:57:17 UTC 2013 - crrodriguez@opensuse.org - gd-autoconf.patch fix up compile file so gd can handle large files on 32 bit ------------------------------------------------------------------- Sun Feb 5 16:31:39 UTC 2012 - jengelh@medozas.de - Remove redundant tags/sections - Parallel build with %_smp_mflags - Remove pointless INSTALL file from rpm package (it's just the default autotools INSTALL blurb) ------------------------------------------------------------------- Wed Oct 5 12:05:47 UTC 2011 - uli@suse.com - cross-build fix: use libpng from sysroot ------------------------------------------------------------------- Sat Oct 1 05:39:10 UTC 2011 - coolo@suse.com - add libtool as buildrequire to make the spec file more reliable ------------------------------------------------------------------- Tue Jun 14 15:00:32 UTC 2011 - aj@suse.de - Devel package needs zlib-devel and libpng-devel. ------------------------------------------------------------------- Tue Apr 6 18:27:56 CEST 2010 - ro@suse.de - add baselibs.conf (for libpghoto2) ------------------------------------------------------------------- Sun Apr 4 18:39:19 CEST 2010 - ro@suse.de - replace png_check_sig by negated png_sig_cmp for libpng14 ------------------------------------------------------------------- Wed Nov 12 16:18:34 CET 2008 - crrodriguez@suse.de - QA Results: Regression on PPC64 only, detected by PHP test suite, the system libgd part, fix by IBM ------------------------------------------------------------------- Mon Mar 10 01:43:39 CET 2008 - crrodriguez@suse.de - fix rpm version number, otherwise it wont upgrade later. ------------------------------------------------------------------- Fri Jan 18 15:51:13 CET 2008 - anosek@suse.cz - updated to version 2.0.36RC1 * Fixed gdImageCopy with true color image, the transparent color was ignored * Fixed support of PNG grayscale image with alpha channel * Added Netware builds script * ease the creation of regexp to match symbols/functions in the sources * _gdCreateFromFile() can crash if gdImageCreate fails * gdImageCreateFrom*Ptr() can crash if gdNewDynamicCtxEx() fails * gdImageRectangle draws 1x1 rectangles as 1x3 rectangles * Possible integer overflow in gdImageFill() * Optimization for single pixel line not in correct order * gdImageColorDeallocate can write outside buffer * gdImageColorTransparent can write outside buffer * gdImageWBMPCtx can crash when createwbmp fails * Fixed decoding of the html entity ϑ * Fixed configure script ignoring --with-png=DIR option - dropped obsoleted security.patch ------------------------------------------------------------------- Thu Dec 20 04:22:14 CET 2007 - crrodriguez@suse.de - remove static libraries and "la" files - devel package dependency cleanup ------------------------------------------------------------------- Mon Jul 9 09:09:51 CEST 2007 - anosek@suse.cz - updated to version 2.0.35 * Fix valgrind error in gdImageFillTiled (Nuno Lopes) * Add missing custom cmake macros (required for the tests suite) * Avoid signature buffer copy in gd_gif_c (Nuno Lopes) * Race condition in gdImageStringFTEx (Antony Dogval, Pierre Scott MacVicar) * Reading GIF images is not thread safe (static usage in private functions) (Roman Nemecek, Nuno Lopes, Pierre) * GIF Local palette is read twice * GIF, Use local frame dimension when possible instead of the logical screen size (Pierre) * GIF, do not try to use the global colmap if it does not exist (Nuno Lopes, Pierre) * gdImageAALine draws axis lines with two pixels width (Pierre) * gdImageArc CPU usage with large angles (Pierre) * gdImageFilledRectangle regression fixed when used with reversed edges (Pierre) * Possible infinite loop in libgd/gd_png.c, flaw found by Xavier Roche (Pierre) * Fixed segfault when an invalid color index is present in a GIF image data, reported by Elliot <wccode at gmail dot com> (Pierre) * Possible integer overflow in gdImageCreateTrueColor (Pierre) gdImageCreateXbm can crash if gdImageCreate fails (Pierre) - dropped obsolete patches (png-loop-CVE-2007-2756.patch) ------------------------------------------------------------------- Tue May 29 17:16:32 CEST 2007 - nadvornik@suse.cz - fixed infinite loop on truncated png images CVE-2007-2756 [#276525] ------------------------------------------------------------------- Thu May 3 17:54:51 CEST 2007 - prusnak@suse.cz - changed expat to libexpat-devel in Requires of devel subpackage ------------------------------------------------------------------- Tue Feb 20 11:47:45 CET 2007 - nadvornik@suse.cz - updated to 2.0.34: * security fixes merged upstream * various other bugfixes ------------------------------------------------------------------- Wed Aug 16 20:13:13 CEST 2006 - aj@suse.de - Reduce BuildRequires. ------------------------------------------------------------------- Wed Aug 16 18:09:26 CEST 2006 - aj@suse.de - Remove unneeded BuildRequire xorg-x11. ------------------------------------------------------------------- Wed Aug 16 10:42:17 CEST 2006 - aj@suse.de - Do not use fonts to build package. ------------------------------------------------------------------- Wed Aug 16 05:16:58 CEST 2006 - sndirsch@suse.de - gd-fontpath.diff: fixes new fontpath for Type1 fonts ------------------------------------------------------------------- Mon Aug 7 12:29:26 CEST 2006 - nadvornik@suse.cz - adjusted ttf fonts path for gdtestft ------------------------------------------------------------------- Fri Jun 23 14:13:13 CEST 2006 - nadvornik@suse.cz - fixed another check for return value on error [#186953] - gdlib-config is moved to devel package [#168628] ------------------------------------------------------------------- Thu Jun 8 18:56:20 CEST 2006 - nadvornik@suse.cz - fixed check for EOF in gd_gif_in.c [#182334] ------------------------------------------------------------------- Wed Mar 8 19:54:52 CET 2006 - sbrabec@suse.cz - Fixed devel dependencies. ------------------------------------------------------------------- Wed Jan 25 21:36:07 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Thu Jan 12 16:15:57 CET 2006 - nadvornik@suse.cz - compile with -fstack-protector ------------------------------------------------------------------- Thu Jan 5 13:54:33 CET 2006 - nadvornik@suse.cz - fixed another integer overflow [#138007] ------------------------------------------------------------------- Thu Nov 24 13:00:05 CET 2005 - meissner@suse.de - fixed 1 aliasing issue. ------------------------------------------------------------------- Sat Feb 5 11:23:14 CET 2005 - meissner@suse.de - added 1 missign format attribute ------------------------------------------------------------------- Mon Nov 22 12:56:45 CET 2004 - nadvornik@suse.cz - run test programs during build [#48382] ------------------------------------------------------------------- Mon Nov 15 12:37:31 CET 2004 - nadvornik@suse.cz - fixed more overflows - CAN-2004-0941 [#47666] ------------------------------------------------------------------- Tue Nov 02 15:44:19 CET 2004 - nadvornik@suse.cz - updated to 2.0.32: * fixed several integer overflows [#47666] * animated gif support ------------------------------------------------------------------- Tue Aug 24 09:59:01 CEST 2004 - nadvornik@suse.cz - updated to 2.0.28: restored support for reading and writing GIF images ------------------------------------------------------------------- Fri Feb 20 14:05:37 CET 2004 - schwab@suse.de - Fix missing return value. ------------------------------------------------------------------- Thu Feb 05 17:59:36 CET 2004 - nadvornik@suse.cz - updated to 2.0.22 - fixed dangerous compiler warnings ------------------------------------------------------------------- Sat Jan 10 17:22:24 CET 2004 - adrian@suse.de - add %defattr and %run_ldconfig ------------------------------------------------------------------- Tue Jan 06 12:35:57 CET 2004 - nadvornik@suse.cz - updated to 2.0.17 - fixed to build with new freetype ------------------------------------------------------------------- Thu Jul 24 16:02:58 CEST 2003 - mjancar@suse.cz - update to 2.0.15 ------------------------------------------------------------------- Thu Feb 13 11:20:57 CET 2003 - nadvornik@suse.cz - updated to 2.0.11: speed improvements, bugfixes ------------------------------------------------------------------- Fri Dec 13 22:16:16 CET 2002 - prehak@suse.cz - added gdImageCreateFromXpm() function prototype to gd.h ------------------------------------------------------------------- Thu Nov 28 19:10:29 CET 2002 - nadvornik@suse.cz - updated to 2.0.8 ------------------------------------------------------------------- Tue Sep 17 17:34:28 CEST 2002 - ro@suse.de - removed bogus self-provides ------------------------------------------------------------------- Tue May 28 11:10:41 CEST 2002 - bk@suse.de - gd-devel requires gd and use prefix, bindir and includedir macros ------------------------------------------------------------------- Wed Feb 13 11:42:32 CET 2002 - nadvornik@suse.cz - used macro %{_libdir} ------------------------------------------------------------------- Fri Feb 1 00:26:06 CET 2002 - ro@suse.de - changed neededforbuild <libpng> to <libpng-devel-packages> ------------------------------------------------------------------- Mon Nov 5 18:15:48 CET 2001 - ro@suse.de - fix Makefile.am for automake 1.5 (removed duplicated line) ------------------------------------------------------------------- Fri May 25 15:34:38 CEST 2001 - pblaha@suse.cz - fix include on ia64 ------------------------------------------------------------------- Thu Mar 29 13:01:53 CEST 2001 - ro@suse.de - use aclocal ------------------------------------------------------------------- Wed Mar 21 16:05:52 CET 2001 - ro@suse.de - update to 1.8.4 - use freetype2 ------------------------------------------------------------------- Mon Dec 4 11:42:20 CET 2000 - pblaha@suse.cz - move simbolick link libgd.so -> gd-devel ------------------------------------------------------------------- Thu Nov 30 10:58:56 CET 2000 - aj@suse.de - Add suse_update_config. ------------------------------------------------------------------- Wed Nov 15 16:09:30 CET 2000 - pblaha@suse.cz - aplied patch from perl-GD and split to gd & gd-devel ------------------------------------------------------------------- Mon Jun 5 14:24:24 CEST 2000 - bubnikv@suse.cz - updated to 1.8.3 ------------------------------------------------------------------- Fri May 12 15:08:44 CEST 2000 - nadvornik@suse.cz - update to 1.8.1 - added BuildRoot ------------------------------------------------------------------- Tue Oct 12 00:04:19 CEST 1999 - ro@suse.de - added xpm and ttf support ------------------------------------------------------------------- Sun Oct 10 17:29:36 CEST 1999 - ro@suse.de - added libpng to neededforbuild ------------------------------------------------------------------- Thu Oct 7 11:26:30 CEST 1999 - schwab@suse.de - update to 1.7.3 ------------------------------------------------------------------- Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. ------------------------------------------------------------------- Thu Sep 9 12:15:28 CEST 1999 - bs@suse.de - fixed call of Check at the end of %install section ------------------------------------------------------------------- Tue Jun 15 23:51:28 MEST 1999 - ro@suse.de - fixed doc installation ------------------------------------------------------------------- Tue Jun 15 16:23:00 MEST 1999 - ro@suse.de - update to 1.3 ------------------------------------------------------------------- Thu Feb 5 15:35:02 MET 1998 - ro@suse.de - ready for autobuild
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor