Overview
Request 510888 superseded
- Version update to 2.2.4:
* gdImageCreate() doesn't check for oversized images and as such is prone
to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283
* double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284
* potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
bsc#1022263
* DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
bsc#1022264
* Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265
- Remove patches merged/obsoleted by upstream:
* gd-config.patch
* gd-disable-freetype27-failed-tests.patch
* gd-test-unintialized-var.patch
- Add patch gd-freetype.patch taking patch from upstream for
freetype 2.7 (forwarded request 508757 from scarabeus_iv)
- Created by pgajdos
- In state superseded
- Superseded by 511835
-
Open review for
legal-auto
-
Open review for
factory-repo-checker
-
Open review for
factory-staging
Request History
pgajdos created request
- Version update to 2.2.4:
* gdImageCreate() doesn't check for oversized images and as such is prone
to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283
* double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284
* potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
bsc#1022263
* DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
bsc#1022264
* Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265
- Remove patches merged/obsoleted by upstream:
* gd-config.patch
* gd-disable-freetype27-failed-tests.patch
* gd-test-unintialized-var.patch
- Add patch gd-freetype.patch taking patch from upstream for
freetype 2.7 (forwarded request 508757 from scarabeus_iv)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot set openSUSE:Factory:Staging:H as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:H"
staging-bot accepted review
Picked openSUSE:Factory:Staging:H
factory-repo-checker reopened review
gd is still building for repository openSUSE_Factory
factory-repo-checker reopened review
gd failed to build in repository openSUSE_Factory - not accepting
dimstar accepted review
factory-repo-checker reopened review
gd is still building for repository openSUSE_Factory
factory-repo-checker reopened review
gd failed to build in repository openSUSE_Factory - not accepting
dimstar_suse accepted review
Removing from openSUSE:Factory:Staging:H, re-evaluation needed
dimstar_suse added factory-staging as a reviewer
Requesting new staging review
dimstar_suse declined request
Fails on other archs than x86_64
superseded by 511835
failed in testsuite on i586 and power, and it looks like reproducible.