Ondrej Dubaj
dc2735f5a8
Potential double-free in gdImage*Ptr()
...
Whenever `gdImage*Ptr()` calls `gdImage*Ctx()` and the latter fails, we
must not call `gdDPExtractData()`; otherwise a double-free would
happen. Since `gdImage*Ctx()` are void functions, and we can't change
that for BC reasons, we're introducing static helpers which are used
internally.
We're adding a regression test for `gdImageJpegPtr()`, but not for
`gdImageGifPtr()` and `gdImageWbmpPtr()` since we don't know how to
trigger failure of the respective `gdImage*Ctx()` calls.
This potential security issue has been reported by Solmaz Salimi (aka.
Rooney).
2019-11-01 09:21:22 +01:00
Ondrej Dubaj
11a42338bd
Fixed heap based buffer overflow in gd_color_match.c:gdImageColorMatch() in libgd as used in imagecolormatch()
2019-11-01 09:19:30 +01:00
Fedora Release Engineering
25560c12f9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-25 01:36:12 +00:00
Fedora Release Engineering
63c4b6d2fc
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 20:41:00 +00:00
Igor Gnatenko
e3e957b2a7
Remove obsolete Group tag
...
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
2019-01-28 20:24:02 +01:00
Igor Gnatenko
ce2beac955
Remove obsolete ldconfig scriptlets
...
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-01-22 18:39:01 +01:00
Marek Skalický
88a1fee47a
Add missing requires to libimagequent-devel
2018-09-07 12:50:21 +02:00
Marek Skalický
1c371f67ec
Use libimagequant library (RHBZ#1468338)
2018-08-30 13:41:17 +02:00
Marek Skalický
db74b09ab2
Check return value in gdImageBmpPtr to avoid double free (CVE-2018-1000222)
...
Don't mark gdimagegrayscale/basic test as failing.
2018-08-30 11:04:26 +02:00
Fedora Release Engineering
239e837e28
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-13 01:12:18 +00:00
Marek Skalický
6d559884cf
Fix CVE-2018-5711 - Potential infinite loop in gdImageCreateFromGifCtx
2018-03-26 12:49:23 +02:00
Fedora Release Engineering
aeaa355fc4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 10:43:06 +00:00
Remi Collet
8d6bbc8e0d
add libimagequant stuff (disabled for now)
2017-08-30 16:31:08 +02:00
Remi Collet
49b4f7faf0
Update to 2.2.5
...
fix double-free in gdImagePngPtr(). CVE-2017-6362
fix buffer over-read into uninitialized memory. CVE-2017-7890
2017-08-30 16:13:52 +02:00
Fedora Release Engineering
61160bb118
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
2017-08-02 20:59:55 +00:00
Fedora Release Engineering
1ad28ecbd3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
2017-07-26 09:10:24 +00:00
Petr Písař
dc0dadcaa3
perl dependency renamed to perl-interpreter < https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules >
2017-07-12 14:59:01 +02:00
Fedora Release Engineering
874c3ce051
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
2017-02-10 10:17:04 +00:00
Sandro Mani
7551847ff5
Rebuild (libwebp)
2017-02-01 19:21:35 +01:00
Remi Collet
b4e3dcda6c
v2.2.4
2017-01-19 09:38:12 +01:00
Marek Skalický
e2ae5b49bc
Fix invalid read in gdImageCreateFromTiffPtr() ( CVE-2016-6911)
...
- Disable tests using freetype in Fedora 26 (freetype > 2.6)
2016-12-06 10:58:48 +01:00
Marek Skalický
ba647201d1
Fix stack based buffer overflow when passing negative rlen
as size to
...
memcpy() (CVE-2016-8670)
2016-12-05 10:56:26 +01:00
Marek Skalický
23377414c3
Fix possible overflow in gdImageWebpCtx (CVE-2016-7568)
2016-12-05 10:10:05 +01:00
Dan Horák
5504d4e60b
- apply workaround for rhbz#1359680
2016-07-26 10:25:44 +02:00
Remi Collet
d79c636d4a
add upstream patch to fix build error
2016-07-22 08:18:28 +02:00
Remi Collet
41b3b9e60b
- Update to 2.2.3
...
- use -msse -mfpmath=sse build options (x86-32)
2016-07-22 07:56:12 +02:00
Remi Collet
ec7807215a
v2.2.2
2016-06-24 12:45:53 +02:00
Petr Písař
607009b05b
Mandatory Perl build-requires added < https://fedoraproject.org/wiki/Changes/Build_Root_Without_Perl >
2016-06-24 10:16:02 +02:00
Remi Collet
d1e321f550
remove unneeded sources
2016-05-28 07:48:18 +02:00
Marek Skalický
3f74c8be7c
Upgrade to 2.2.1 release
...
- Upstream moved to github.com
2016-05-27 14:12:47 +02:00
Marek Skalický
96326ff6bd
Fixed heap overflow (CVE-2016-3074)
2016-04-28 13:09:22 +02:00
Dennis Gilmore
7423ea762d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-03 21:05:37 +00:00
Tom Callaway
555389d148
rebuild for libvpx 1.5.0
2015-12-01 16:19:08 -05:00
Dennis Gilmore
b15c4cf3c5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
2015-06-17 07:05:35 +00:00
Remi Collet
26f02f8ae8
add upstream patch for libvpx 1.4.0
2015-04-07 13:13:48 +02:00
Tom Callaway
10c3182448
rebuild for libvpx 1.4.0
2015-04-06 15:58:26 -04:00
Remi Collet
b2eefd98f3
- fix version in gdlib.pc
...
- fix license handling
2015-03-23 18:30:43 +01:00
Jozef Mlich
ff3f68b87a
Update to 2.1.1 final
...
Resolves : #1181972
2015-01-14 13:52:36 +01:00
Jozef Mlich
b076ebc318
- Resolves : #1076676 CVE-2014-2497
...
Previous patch indroduced memory leak. Using upstream version.
463c3bd09b
2015-01-08 13:49:40 +01:00
Peter Robinson
cd2020e967
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-08-16 13:53:36 +00:00
Jozef Mlich
547d117bd8
Resolves : #1076676 CVE-2014-2497 NULL pointer dereference in gdImageCreateFromXpm()
2014-07-16 18:08:46 +02:00
Dennis Gilmore
3077453ae3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-06-07 08:33:15 -05:00
Peter Robinson
236d0d8a00
Fix FTBFS
2013-12-24 00:25:32 +00:00
Dennis Gilmore
1ed5f55666
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
2013-08-03 07:36:38 -05:00
Petr Písař
aae3094cb8
Perl 5.18 rebuild
2013-07-17 11:10:13 +02:00
Remi Collet
987553b38a
update to 2.1.0 final
2013-06-26 16:20:16 +02:00
Remi Collet
6f1d2b7128
rebuild for linpng 1.6
2013-06-25 10:39:29 +02:00
Remi Collet
5a51fe9ae7
- update to 2.1.0 (post RC2 git snapshot)
2013-06-11 08:04:20 +02:00
Remi Collet
3b3b1f1ef2
- drop uneeded patch
...
- really set default font search path
2013-04-23 07:57:39 +02:00
Honza Horák
d960c3c224
Fix build on aarch64
2013-03-25 16:26:20 +01:00