Hello community, here is the log from the commit of package gd checked in at Tue Jul 10 14:34:14 CEST 2007. -------- --- gd/gd.changes 2007-05-29 17:20:41.000000000 +0200 +++ /mounts/work_src_done/STABLE/gd/gd.changes 2007-07-09 09:16:32.000000000 +0200 @@ -1,0 +2,28 @@ +Mon Jul 9 09:09:51 CEST 2007 - anosek@suse.cz + +- updated to version 2.0.35 + * Fix valgrind error in gdImageFillTiled (Nuno Lopes) + * Add missing custom cmake macros (required for the tests suite) + * Avoid signature buffer copy in gd_gif_c (Nuno Lopes) + * Race condition in gdImageStringFTEx (Antony Dogval, Pierre + Scott MacVicar) + * Reading GIF images is not thread safe (static usage in private + functions) (Roman Nemecek, Nuno Lopes, Pierre) + * GIF Local palette is read twice + * GIF, Use local frame dimension when possible instead of the + logical screen size (Pierre) + * GIF, do not try to use the global colmap if it does not exist + (Nuno Lopes, Pierre) + * gdImageAALine draws axis lines with two pixels width (Pierre) + * gdImageArc CPU usage with large angles (Pierre) + * gdImageFilledRectangle regression fixed when used with reversed + edges (Pierre) + * Possible infinite loop in libgd/gd_png.c, flaw found by Xavier + Roche (Pierre) + * Fixed segfault when an invalid color index is present in a GIF + image data, reported by Elliot <wccode at gmail dot com> (Pierre) + * Possible integer overflow in gdImageCreateTrueColor (Pierre) + gdImageCreateXbm can crash if gdImageCreate fails (Pierre) +- dropped obsolete patches (png-loop-CVE-2007-2756.patch) + +------------------------------------------------------------------- Old: ---- gd-2.0.34.tar.bz2 gd-2.0.34-warn.patch gd-png-loop-CVE-2007-2756.patch New: ---- gd-2.0.35.tar.bz2 gd-2.0.35-warn.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gd.spec ++++++ --- /var/tmp/diff_new_pack.l23637/_old 2007-07-10 14:33:56.000000000 +0200 +++ /var/tmp/diff_new_pack.l23637/_new 2007-07-10 14:33:56.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package gd (Version 2.0.34) +# spec file for package gd (Version 2.0.35) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -16,9 +16,9 @@ Group: System/Libraries Obsoletes: gdlib Autoreqprov: on -Version: 2.0.34 -Release: 21 -URL: http://www.boutell.com/gd/ +Version: 2.0.35 +Release: 1 +URL: http://www.libgd.org/ Summary: A Drawing Library for Programs That Use PNG and JPEG Output Source: gd-%{version}.tar.bz2 Patch0: gd-%{version}-warn.patch @@ -27,7 +27,6 @@ Patch3: gd-aliasing.patch Patch4: gd-security.patch Patch6: gd-fontpath.patch -Patch7: gd-png-loop-CVE-2007-2756.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -69,7 +68,6 @@ %patch3 %patch4 %patch6 -%patch7 %build %{suse_update_config -f} @@ -138,6 +136,31 @@ %{_libdir}/*.la %changelog +* Mon Jul 09 2007 - anosek@suse.cz +- updated to version 2.0.35 + * Fix valgrind error in gdImageFillTiled (Nuno Lopes) + * Add missing custom cmake macros (required for the tests suite) + * Avoid signature buffer copy in gd_gif_c (Nuno Lopes) + * Race condition in gdImageStringFTEx (Antony Dogval, Pierre + Scott MacVicar) + * Reading GIF images is not thread safe (static usage in private + functions) (Roman Nemecek, Nuno Lopes, Pierre) + * GIF Local palette is read twice + * GIF, Use local frame dimension when possible instead of the + logical screen size (Pierre) + * GIF, do not try to use the global colmap if it does not exist + (Nuno Lopes, Pierre) + * gdImageAALine draws axis lines with two pixels width (Pierre) + * gdImageArc CPU usage with large angles (Pierre) + * gdImageFilledRectangle regression fixed when used with reversed + edges (Pierre) + * Possible infinite loop in libgd/gd_png.c, flaw found by Xavier + Roche (Pierre) + * Fixed segfault when an invalid color index is present in a GIF + image data, reported by Elliot <wccode at gmail dot com> (Pierre) + * Possible integer overflow in gdImageCreateTrueColor (Pierre) + gdImageCreateXbm can crash if gdImageCreate fails (Pierre) +- dropped obsolete patches (png-loop-CVE-2007-2756.patch) * Tue May 29 2007 - nadvornik@suse.cz - fixed infinite loop on truncated png images CVE-2007-2756 [#276525] ++++++ gd-2.0.34.tar.bz2 -> gd-2.0.35.tar.bz2 ++++++ ++++ 7799 lines of diff (skipped) ++++++ gd-2.0.34-warn.patch -> gd-2.0.35-warn.patch ++++++ ++++++ gd-security.patch ++++++ --- /var/tmp/diff_new_pack.l23637/_old 2007-07-10 14:33:58.000000000 +0200 +++ /var/tmp/diff_new_pack.l23637/_new 2007-07-10 14:33:58.000000000 +0200 @@ -1,22 +1,13 @@ --- gd.c +++ gd.c -@@ -147,6 +151,7 @@ +@@ -147,6 +147,7 @@ } - memset (im, 0, sizeof (gdImage)); + if (overflow2(sizeof (int *), sy)) { + gdFree(im); return 0; } - im->tpixels = (int **) gdMalloc (sizeof (int *) * sy); -@@ -2757,6 +2762,8 @@ - } - bytes = (w * h / 8) + 1; - im = gdImageCreate (w, h); -+ if (!im) -+ return NULL; - gdImageColorAllocate (im, 255, 255, 255); - gdImageColorAllocate (im, 0, 0, 0); - x = 0; + --- gd_gd.c +++ gd_gd.c @@ -149,6 +149,8 @@ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org