rpms
/
gd
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
128 Commits 37 Branches 84 Tags 573 KiB
Commit Graph

128 Commits

Author SHA1 Message Date
Ondrej Dubaj dc2735f5a8 Potential double-free in gdImage*Ptr() 
Whenever `gdImage*Ptr()` calls `gdImage*Ctx()` and the latter fails, we
must not call `gdDPExtractData()`; otherwise a double-free would
happen.  Since `gdImage*Ctx()` are void functions, and we can't change
that for BC reasons, we're introducing static helpers which are used
internally.

We're adding a regression test for `gdImageJpegPtr()`, but not for
`gdImageGifPtr()` and `gdImageWbmpPtr()` since we don't know how to
trigger failure of the respective `gdImage*Ctx()` calls.

This potential security issue has been reported by Solmaz Salimi (aka.
Rooney).
 2019-11-01 09:21:22 +01:00
Ondrej Dubaj 11a42338bd Fixed heap based buffer overflow in gd_color_match.c:gdImageColorMatch() in libgd as used in imagecolormatch() 2019-11-01 09:19:30 +01:00
Fedora Release Engineering 25560c12f9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-25 01:36:12 +00:00
Fedora Release Engineering 63c4b6d2fc - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-01-31 20:41:00 +00:00
Igor Gnatenko e3e957b2a7 Remove obsolete Group tag 
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
 2019-01-28 20:24:02 +01:00
Igor Gnatenko ce2beac955
Remove obsolete ldconfig scriptlets 
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2019-01-22 18:39:01 +01:00
Marek Skalický 88a1fee47a
Add missing requires to libimagequent-devel 2018-09-07 12:50:21 +02:00
Marek Skalický 1c371f67ec
Use libimagequant library (RHBZ#1468338) 2018-08-30 13:41:17 +02:00
Marek Skalický db74b09ab2
Check return value in gdImageBmpPtr to avoid double free (CVE-2018-1000222) 
Don't mark gdimagegrayscale/basic test as failing.
 2018-08-30 11:04:26 +02:00
Fedora Release Engineering 239e837e28 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-13 01:12:18 +00:00
Marek Skalický 6d559884cf Fix CVE-2018-5711 - Potential infinite loop in gdImageCreateFromGifCtx 2018-03-26 12:49:23 +02:00
Fedora Release Engineering aeaa355fc4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 10:43:06 +00:00
Remi Collet 8d6bbc8e0d add libimagequant stuff (disabled for now) 2017-08-30 16:31:08 +02:00
Remi Collet 49b4f7faf0 Update to 2.2.5 
fix double-free in gdImagePngPtr(). CVE-2017-6362
fix buffer over-read into uninitialized memory. CVE-2017-7890
 2017-08-30 16:13:52 +02:00
Fedora Release Engineering 61160bb118 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 20:59:55 +00:00
Fedora Release Engineering 1ad28ecbd3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 09:10:24 +00:00
Petr Písař dc0dadcaa3 perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> 2017-07-12 14:59:01 +02:00
Fedora Release Engineering 874c3ce051 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 10:17:04 +00:00
Sandro Mani 7551847ff5 Rebuild (libwebp) 2017-02-01 19:21:35 +01:00
Remi Collet b4e3dcda6c v2.2.4 2017-01-19 09:38:12 +01:00
Marek Skalický e2ae5b49bc Fix invalid read in gdImageCreateFromTiffPtr() ( CVE-2016-6911) 
- Disable tests using freetype in Fedora 26 (freetype > 2.6)
 2016-12-06 10:58:48 +01:00
Marek Skalický ba647201d1 Fix stack based buffer overflow when passing negative `rlen` as size to 
memcpy() (CVE-2016-8670)
 2016-12-05 10:56:26 +01:00
Marek Skalický 23377414c3 Fix possible overflow in gdImageWebpCtx (CVE-2016-7568) 2016-12-05 10:10:05 +01:00
Dan Horák 5504d4e60b - apply workaround for rhbz#1359680 2016-07-26 10:25:44 +02:00
Remi Collet d79c636d4a add upstream patch to fix build error 2016-07-22 08:18:28 +02:00
Remi Collet 41b3b9e60b - Update to 2.2.3 
- use -msse -mfpmath=sse build options (x86-32)
 2016-07-22 07:56:12 +02:00
Remi Collet ec7807215a v2.2.2 2016-06-24 12:45:53 +02:00
Petr Písař 607009b05b Mandatory Perl build-requires added <https://fedoraproject.org/wiki/Changes/Build_Root_Without_Perl> 2016-06-24 10:16:02 +02:00
Remi Collet d1e321f550 remove unneeded sources 2016-05-28 07:48:18 +02:00
Marek Skalický 3f74c8be7c Upgrade to 2.2.1 release 
- Upstream moved to github.com
 2016-05-27 14:12:47 +02:00
Marek Skalický 96326ff6bd Fixed heap overflow (CVE-2016-3074) 2016-04-28 13:09:22 +02:00
Dennis Gilmore 7423ea762d - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 21:05:37 +00:00
Tom Callaway 555389d148 rebuild for libvpx 1.5.0 2015-12-01 16:19:08 -05:00
Dennis Gilmore b15c4cf3c5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 07:05:35 +00:00
Remi Collet 26f02f8ae8 add upstream patch for libvpx 1.4.0 2015-04-07 13:13:48 +02:00
Tom Callaway 10c3182448 rebuild for libvpx 1.4.0 2015-04-06 15:58:26 -04:00
Remi Collet b2eefd98f3 - fix version in gdlib.pc 
- fix license handling
 2015-03-23 18:30:43 +01:00
Jozef Mlich ff3f68b87a Update to 2.1.1 final 
Resolves: #1181972
 2015-01-14 13:52:36 +01:00
Jozef Mlich b076ebc318 - Resolves: #1076676 CVE-2014-2497 
Previous patch indroduced memory leak. Using upstream version.
  463c3bd09b
 2015-01-08 13:49:40 +01:00
Peter Robinson cd2020e967 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 13:53:36 +00:00
Jozef Mlich 547d117bd8 Resolves: #1076676 CVE-2014-2497 NULL pointer dereference in gdImageCreateFromXpm() 2014-07-16 18:08:46 +02:00
Dennis Gilmore 3077453ae3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 08:33:15 -05:00
Peter Robinson 236d0d8a00 Fix FTBFS 2013-12-24 00:25:32 +00:00
Dennis Gilmore 1ed5f55666 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-03 07:36:38 -05:00
Petr Písař aae3094cb8 Perl 5.18 rebuild 2013-07-17 11:10:13 +02:00
Remi Collet 987553b38a update to 2.1.0 final 2013-06-26 16:20:16 +02:00
Remi Collet 6f1d2b7128 rebuild for linpng 1.6 2013-06-25 10:39:29 +02:00
Remi Collet 5a51fe9ae7 - update to 2.1.0 (post RC2 git snapshot) 2013-06-11 08:04:20 +02:00
Remi Collet 3b3b1f1ef2 - drop uneeded patch 
- really set default font search path
 2013-04-23 07:57:39 +02:00
Honza Horák d960c3c224 Fix build on aarch64 2013-03-25 16:26:20 +01:00