Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
gd.10549
gd.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gd.changes of Package gd.10549
------------------------------------------------------------------- Thu May 30 13:01:45 UTC 2019 - pgajdos@suse.com - change order while installing splitted library [bsc#1136574] ------------------------------------------------------------------- Thu Jan 31 11:23:46 UTC 2019 - Petr Gajdos <pgajdos@suse.com> - security update * CVE-2019-6978 [bsc#1123522] + gd-CVE-2019-6978.patch * CVE-2019-6977 [bsc#1123361] + gd-CVE-2019-6977.patch ------------------------------------------------------------------- Mon Aug 27 14:02:05 UTC 2018 - pgajdos@suse.com - security update: * CVE-2018-1000222 [bsc#1105434] + gd-CVE-2018-1000222.patch ------------------------------------------------------------------- Mon Jan 22 14:58:51 UTC 2018 - pgajdos@suse.com - security update: * CVE-2018-5711 [bsc#1076391] + gd-CVE-2018-5711.patch ------------------------------------------------------------------- Tue Sep 5 13:49:20 UTC 2017 - pgajdos@suse.com - Version update to 2.2.5: ### Security - Double-free in gdImagePngPtr(). (CVE-2017-6362) - Buffer over-read into uninitialized memory. (CVE-2017-7890) ### Fixed - Fix #109: XBM reading fails with printed error - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable - Fix #357: 2.2.4: Segfault in test suite - Fix #386: gdImageGrayScale() may produce colors - Fix #406: webpng -i removes the transparent color - Fix Coverity #155475: Failure to restore alphaBlendingFlag - Fix Coverity #155476: potential resource leak - Fix several build issues and test failures - Fix and reenable optimized support for reading 1 bps TIFFs ### Added - The native MSVC buildchain now supports libtiff and most executables - removed patches (upstreamed): . gd-freetype.patch . gd-rounding.patch ------------------------------------------------------------------- Tue Aug 15 09:19:05 UTC 2017 - lnussel@suse.de - Don't fail gdimagegrayscale/basic on SLE15 (boo#1053825) ------------------------------------------------------------------- Fri Jul 21 11:29:06 UTC 2017 - tchvatal@suse.com - Add patch gd-rounding.patch - Set again the cflags so other archs do not fail testsuite ------------------------------------------------------------------- Fri Jul 7 10:54:11 UTC 2017 - tchvatal@suse.com - Version update to 2.2.4: * gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283 * double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284 * potential unsigned underflow in gd_interpolation.c (CVE-2016-10166) bsc#1022263 * DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167) bsc#1022264 * Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265 - Remove patches merged/obsoleted by upstream: * gd-config.patch * gd-disable-freetype27-failed-tests.patch * gd-test-unintialized-var.patch - Add patch gd-freetype.patch taking patch from upstream for freetype 2.7 ------------------------------------------------------------------- Fri Dec 9 17:09:40 UTC 2016 - pgajdos@suse.com - devel package also require libwebp-devel ------------------------------------------------------------------- Thu Dec 8 14:33:22 UTC 2016 - crrodriguez@opensuse.org - Support webp format, BuildRequires libwebp-devel ------------------------------------------------------------------- Thu Dec 8 14:20:54 UTC 2016 - crrodriguez@opensuse.org - Honour %optflags correctly. ------------------------------------------------------------------- Fri Sep 30 14:59:25 UTC 2016 - badshah400@gmail.com - Update to version 2.2.3: + Security fixes: - Php bug#72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766) - Issue gh/libgd/libgd#247: A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132) - Issue gh/libgd/libgd#247: Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214) - Issue gh/libgd/libgd#248: fix Out-Of-Bounds Read in read_image_tga - Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207) - Fix php bug#72494, invalid color index not handled, can lead to crash (CVE-2016-6128) + Improve color check for CropThreshold + gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php's bundled gd. - Drop patches: + gd-CVE-2016-5116.patch: upstreamed + gd-CVE-2016-6132.patch: upstreamed + gd-CVE-2016-6214.patch: upstreamed + gd-CVE-2016-6905.patch: upstreamed + gd-libvpx.patch: vpx support dropped. - Add BuildRequires for automake and autoconf since gd-disable-freetype27-failed-tests.patch touches makefiles. - Drop getver.pl from source: included in upstream tarball. - Add "-msse -mfpmath=sse" to CFLAGS to fix tests on ix86 architectures. - Add "-ffp-contract=off" to CFLAGS for non-ix86 arch (ppc, arm) to fix a test: see gh#libgd/libgd#278. - Add gd-test-unintialized-var.patch to fix an uninitialised variable in tests/gd2/gd2_read.c to prevent it from compiling with -Werror (only causes problems in no ix86 arch surprisingly); patch sent upstream. - Rebase gd-disable-freetype27-failed-tests.patch for updated version. - Update URL and Source to project's new github URL's. ------------------------------------------------------------------- Thu Sep 29 14:06:53 UTC 2016 - badshah400@gmail.com - Add gd-disable-freetype27-failed-tests.patch: Disable for now tests failing against freetype >= 2.7 for being too exact (gh#libgd/libgd#302). The failures have been understood by upstream to be due to minor differences between test images and those generated when freeetype >= 2.7 is used to build gd. ------------------------------------------------------------------- Tue Aug 23 11:16:25 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-6132 [bsc#987577] + gd-CVE-2016-6132.patch * CVE-2016-6214 [bsc#991436] + gd-CVE-2016-6214.patch * CVE-2016-6905 [bsc#995034] + gd-CVE-2016-6905.patch ------------------------------------------------------------------- Mon May 30 13:17:18 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-5116 [bsc#982176] + gd-CVE-2016-5116.patch ------------------------------------------------------------------- Tue Mar 1 15:32:40 UTC 2016 - pgajdos@suse.com - add missing config/getver.pl [bsc#965190] ------------------------------------------------------------------- Tue May 12 14:11:33 UTC 2015 - joerg.lorenzen@ki.tng.de - Added patch gd-libvpx.patch to enable build against libvpx >= 1.4, new VPX_ prefixed namespaces are available since libvpx = 0.9.1. ------------------------------------------------------------------- Sat Feb 28 08:44:08 UTC 2015 - mpluskal@suse.com - Cleanup spec file with spec-cleaner - No longer needed patches * gd-2.1.0-CVE-2014-2497.patch * gd-autoconf.patch - Update to 2.1.1 * changelog provided only as commit log (see Changelog) * fix for CVE-2014-2497 ------------------------------------------------------------------- Tue Aug 26 05:58:53 UTC 2014 - jengelh@inai.de - Resolve build failure with automake-1.14 ------------------------------------------------------------------- Fri Jun 27 12:05:59 UTC 2014 - meissner@suse.com - split out libgd3, so libgd2 could be installed in parallel. ------------------------------------------------------------------- Thu Apr 17 17:51:34 UTC 2014 - tchvatal@suse.com - Add tiff and vpx to the devel deps as it is in .pc file. ------------------------------------------------------------------- Thu Apr 10 07:08:18 UTC 2014 - pgajdos@suse.com - build against libtiff and libvpx ------------------------------------------------------------------- Fri Apr 4 12:21:22 UTC 2014 - pgajdos@suse.com - fixed NULL ptr deref in GD XPM decoder [bnc#868624] * CVE-2014-2497.patch ------------------------------------------------------------------- Fri Dec 27 07:42:11 UTC 2013 - tchvatal@suse.com - Cleanup here&there to parallelize everything - Remove bogus cmake dependency ------------------------------------------------------------------- Tue Dec 17 14:30:38 UTC 2013 - pgajdos@suse.com - updated to 2.1.0 - removed warn.patch (not needed) - removed ppc64.patch (upstreamed) - removed gd-png_check_sig.patch (upstreamed) ------------------------------------------------------------------- Sun Feb 3 14:57:17 UTC 2013 - crrodriguez@opensuse.org - gd-autoconf.patch fix up compile file so gd can handle large files on 32 bit ------------------------------------------------------------------- Sun Feb 5 16:31:39 UTC 2012 - jengelh@medozas.de - Remove redundant tags/sections - Parallel build with %_smp_mflags - Remove pointless INSTALL file from rpm package (it's just the default autotools INSTALL blurb) ------------------------------------------------------------------- Wed Oct 5 12:05:47 UTC 2011 - uli@suse.com - cross-build fix: use libpng from sysroot ------------------------------------------------------------------- Sat Oct 1 05:39:10 UTC 2011 - coolo@suse.com - add libtool as buildrequire to make the spec file more reliable ------------------------------------------------------------------- Tue Jun 14 15:00:32 UTC 2011 - aj@suse.de - Devel package needs zlib-devel and libpng-devel. ------------------------------------------------------------------- Tue Apr 6 18:27:56 CEST 2010 - ro@suse.de - add baselibs.conf (for libpghoto2) ------------------------------------------------------------------- Sun Apr 4 18:39:19 CEST 2010 - ro@suse.de - replace png_check_sig by negated png_sig_cmp for libpng14 ------------------------------------------------------------------- Wed Nov 12 16:18:34 CET 2008 - crrodriguez@suse.de - QA Results: Regression on PPC64 only, detected by PHP test suite, the system libgd part, fix by IBM ------------------------------------------------------------------- Mon Mar 10 01:43:39 CET 2008 - crrodriguez@suse.de - fix rpm version number, otherwise it wont upgrade later. ------------------------------------------------------------------- Fri Jan 18 15:51:13 CET 2008 - anosek@suse.cz - updated to version 2.0.36RC1 * Fixed gdImageCopy with true color image, the transparent color was ignored * Fixed support of PNG grayscale image with alpha channel * Added Netware builds script * ease the creation of regexp to match symbols/functions in the sources * _gdCreateFromFile() can crash if gdImageCreate fails * gdImageCreateFrom*Ptr() can crash if gdNewDynamicCtxEx() fails * gdImageRectangle draws 1x1 rectangles as 1x3 rectangles * Possible integer overflow in gdImageFill() * Optimization for single pixel line not in correct order * gdImageColorDeallocate can write outside buffer * gdImageColorTransparent can write outside buffer * gdImageWBMPCtx can crash when createwbmp fails * Fixed decoding of the html entity ϑ * Fixed configure script ignoring --with-png=DIR option - dropped obsoleted security.patch ------------------------------------------------------------------- Thu Dec 20 04:22:14 CET 2007 - crrodriguez@suse.de - remove static libraries and "la" files - devel package dependency cleanup ------------------------------------------------------------------- Mon Jul 9 09:09:51 CEST 2007 - anosek@suse.cz - updated to version 2.0.35 * Fix valgrind error in gdImageFillTiled (Nuno Lopes) * Add missing custom cmake macros (required for the tests suite) * Avoid signature buffer copy in gd_gif_c (Nuno Lopes) * Race condition in gdImageStringFTEx (Antony Dogval, Pierre Scott MacVicar) * Reading GIF images is not thread safe (static usage in private functions) (Roman Nemecek, Nuno Lopes, Pierre) * GIF Local palette is read twice * GIF, Use local frame dimension when possible instead of the logical screen size (Pierre) * GIF, do not try to use the global colmap if it does not exist (Nuno Lopes, Pierre) * gdImageAALine draws axis lines with two pixels width (Pierre) * gdImageArc CPU usage with large angles (Pierre) * gdImageFilledRectangle regression fixed when used with reversed edges (Pierre) * Possible infinite loop in libgd/gd_png.c, flaw found by Xavier Roche (Pierre) * Fixed segfault when an invalid color index is present in a GIF image data, reported by Elliot <wccode at gmail dot com> (Pierre) * Possible integer overflow in gdImageCreateTrueColor (Pierre) gdImageCreateXbm can crash if gdImageCreate fails (Pierre) - dropped obsolete patches (png-loop-CVE-2007-2756.patch) ------------------------------------------------------------------- Tue May 29 17:16:32 CEST 2007 - nadvornik@suse.cz - fixed infinite loop on truncated png images CVE-2007-2756 [#276525] ------------------------------------------------------------------- Thu May 3 17:54:51 CEST 2007 - prusnak@suse.cz - changed expat to libexpat-devel in Requires of devel subpackage ------------------------------------------------------------------- Tue Feb 20 11:47:45 CET 2007 - nadvornik@suse.cz - updated to 2.0.34: * security fixes merged upstream * various other bugfixes ------------------------------------------------------------------- Wed Aug 16 20:13:13 CEST 2006 - aj@suse.de - Reduce BuildRequires. ------------------------------------------------------------------- Wed Aug 16 18:09:26 CEST 2006 - aj@suse.de - Remove unneeded BuildRequire xorg-x11. ------------------------------------------------------------------- Wed Aug 16 10:42:17 CEST 2006 - aj@suse.de - Do not use fonts to build package. ------------------------------------------------------------------- Wed Aug 16 05:16:58 CEST 2006 - sndirsch@suse.de - gd-fontpath.diff: fixes new fontpath for Type1 fonts ------------------------------------------------------------------- Mon Aug 7 12:29:26 CEST 2006 - nadvornik@suse.cz - adjusted ttf fonts path for gdtestft ------------------------------------------------------------------- Fri Jun 23 14:13:13 CEST 2006 - nadvornik@suse.cz - fixed another check for return value on error [#186953] - gdlib-config is moved to devel package [#168628] ------------------------------------------------------------------- Thu Jun 8 18:56:20 CEST 2006 - nadvornik@suse.cz - fixed check for EOF in gd_gif_in.c [#182334] ------------------------------------------------------------------- Wed Mar 8 19:54:52 CET 2006 - sbrabec@suse.cz - Fixed devel dependencies. ------------------------------------------------------------------- Wed Jan 25 21:36:07 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Thu Jan 12 16:15:57 CET 2006 - nadvornik@suse.cz - compile with -fstack-protector ------------------------------------------------------------------- Thu Jan 5 13:54:33 CET 2006 - nadvornik@suse.cz - fixed another integer overflow [#138007] ------------------------------------------------------------------- Thu Nov 24 13:00:05 CET 2005 - meissner@suse.de - fixed 1 aliasing issue. ------------------------------------------------------------------- Sat Feb 5 11:23:14 CET 2005 - meissner@suse.de - added 1 missign format attribute ------------------------------------------------------------------- Mon Nov 22 12:56:45 CET 2004 - nadvornik@suse.cz - run test programs during build [#48382] ------------------------------------------------------------------- Mon Nov 15 12:37:31 CET 2004 - nadvornik@suse.cz - fixed more overflows - CAN-2004-0941 [#47666] ------------------------------------------------------------------- Tue Nov 02 15:44:19 CET 2004 - nadvornik@suse.cz - updated to 2.0.32: * fixed several integer overflows [#47666] * animated gif support ------------------------------------------------------------------- Tue Aug 24 09:59:01 CEST 2004 - nadvornik@suse.cz - updated to 2.0.28: restored support for reading and writing GIF images ------------------------------------------------------------------- Fri Feb 20 14:05:37 CET 2004 - schwab@suse.de - Fix missing return value. ------------------------------------------------------------------- Thu Feb 05 17:59:36 CET 2004 - nadvornik@suse.cz - updated to 2.0.22 - fixed dangerous compiler warnings ------------------------------------------------------------------- Sat Jan 10 17:22:24 CET 2004 - adrian@suse.de - add %defattr and %run_ldconfig ------------------------------------------------------------------- Tue Jan 06 12:35:57 CET 2004 - nadvornik@suse.cz - updated to 2.0.17 - fixed to build with new freetype ------------------------------------------------------------------- Thu Jul 24 16:02:58 CEST 2003 - mjancar@suse.cz - update to 2.0.15 ------------------------------------------------------------------- Thu Feb 13 11:20:57 CET 2003 - nadvornik@suse.cz - updated to 2.0.11: speed improvements, bugfixes ------------------------------------------------------------------- Fri Dec 13 22:16:16 CET 2002 - prehak@suse.cz - added gdImageCreateFromXpm() function prototype to gd.h ------------------------------------------------------------------- Thu Nov 28 19:10:29 CET 2002 - nadvornik@suse.cz - updated to 2.0.8 ------------------------------------------------------------------- Tue Sep 17 17:34:28 CEST 2002 - ro@suse.de - removed bogus self-provides ------------------------------------------------------------------- Tue May 28 11:10:41 CEST 2002 - bk@suse.de - gd-devel requires gd and use prefix, bindir and includedir macros ------------------------------------------------------------------- Wed Feb 13 11:42:32 CET 2002 - nadvornik@suse.cz - used macro %{_libdir} ------------------------------------------------------------------- Fri Feb 1 00:26:06 CET 2002 - ro@suse.de - changed neededforbuild <libpng> to <libpng-devel-packages> ------------------------------------------------------------------- Mon Nov 5 18:15:48 CET 2001 - ro@suse.de - fix Makefile.am for automake 1.5 (removed duplicated line) ------------------------------------------------------------------- Fri May 25 15:34:38 CEST 2001 - pblaha@suse.cz - fix include on ia64 ------------------------------------------------------------------- Thu Mar 29 13:01:53 CEST 2001 - ro@suse.de - use aclocal ------------------------------------------------------------------- Wed Mar 21 16:05:52 CET 2001 - ro@suse.de - update to 1.8.4 - use freetype2 ------------------------------------------------------------------- Mon Dec 4 11:42:20 CET 2000 - pblaha@suse.cz - move simbolick link libgd.so -> gd-devel ------------------------------------------------------------------- Thu Nov 30 10:58:56 CET 2000 - aj@suse.de - Add suse_update_config. ------------------------------------------------------------------- Wed Nov 15 16:09:30 CET 2000 - pblaha@suse.cz - aplied patch from perl-GD and split to gd & gd-devel ------------------------------------------------------------------- Mon Jun 5 14:24:24 CEST 2000 - bubnikv@suse.cz - updated to 1.8.3 ------------------------------------------------------------------- Fri May 12 15:08:44 CEST 2000 - nadvornik@suse.cz - update to 1.8.1 - added BuildRoot ------------------------------------------------------------------- Tue Oct 12 00:04:19 CEST 1999 - ro@suse.de - added xpm and ttf support ------------------------------------------------------------------- Sun Oct 10 17:29:36 CEST 1999 - ro@suse.de - added libpng to neededforbuild ------------------------------------------------------------------- Thu Oct 7 11:26:30 CEST 1999 - schwab@suse.de - update to 1.7.3 ------------------------------------------------------------------- Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. ------------------------------------------------------------------- Thu Sep 9 12:15:28 CEST 1999 - bs@suse.de - fixed call of Check at the end of %install section ------------------------------------------------------------------- Tue Jun 15 23:51:28 MEST 1999 - ro@suse.de - fixed doc installation ------------------------------------------------------------------- Tue Jun 15 16:23:00 MEST 1999 - ro@suse.de - update to 1.3 ------------------------------------------------------------------- Thu Feb 5 15:35:02 MET 1998 - ro@suse.de - ready for autobuild
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
