Package: libgd2 / 2.2.4-2+deb9u5

Metadata

Package Version Patches format
libgd2 2.2.4-2+deb9u5 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 Remove failing tests.patch | (download)

tests/gdimagecopyresampled/CMakeLists.txt | 1 0 + 1 - 0 !
tests/gdimagecopyresampled/Makemodule.am | 7 2 + 5 - 0 !
tests/gdimagerotate/CMakeLists.txt | 1 0 + 1 - 0 !
tests/gdimagerotate/Makemodule.am | 18 0 + 18 - 0 !
4 files changed, 2 insertions(+), 25 deletions(-)

 remove failing tests


0002 Initialize error in tests gd2 gd2_read.c.patch | (download)

tests/gd2/gd2_read.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 initialize error in tests/gd2/gd2_read.c


0004 Fix error ISO C99 requires at least one argument for.patch | (download)

tests/gdimagefile/gdnametest.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix error: iso c99 requires at least one argument for the "..." in a
 variadic macro


disable tests gdimagegrayscale as it breaks on 32 bit.patch | (download)

tests/CMakeLists.txt | 1 0 + 1 - 0 !
tests/Makefile.am | 1 0 + 1 - 0 !
2 files changed, 2 deletions(-)

 disable-tests-gdimagegrayscale-as-it-breaks-on-32-bit


0005 Fix tiff_invalid_read check.patch | (download)

src/gd_io_dp.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 fix tiff_invalid_read check


0006 Close 339 Fix unitialized memory read vulnerability .patch | (download)

src/gd_gif_in.c | 3 3 + 0 - 0 !
1 file changed, 3 insertions(+)

 close #339: fix unitialized memory read vulnerability in gif reading
0007 Fix 381 libgd double free vulnerability.patch | (download)

src/gd_png.c | 39 30 + 9 - 0 !
1 file changed, 30 insertions(+), 9 deletions(-)

 fix #381: libgd double-free vulnerability
0008 CVE 2018 1000222.patch | (download)

src/gd_bmp.c | 17 14 + 3 - 0 !
1 file changed, 14 insertions(+), 3 deletions(-)

 [patch] bmp: check return value in gdimagebmpptr

Closes #447.

0009 CVE 2018 5711.patch | (download)

src/gd_gif_in.c | 12 6 + 6 - 0 !
1 file changed, 6 insertions(+), 6 deletions(-)

 [patch] fix #420: potential infinite loop in gdimagecreatefromgifctx

Due to a signedness confusion in `GetCode_` a corrupt GIF file can
trigger an infinite loop.  Furthermore we make sure that a GIF without
any palette entries is treated as invalid *after* open palette entries
have been removed.

CVE-2018-5711

See also https://bugs.php.net/bug.php?id=75571.

CVE 2019 6977.patch | (download)

src/gd_color_match.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 heap-based buffer overflow in gdimagecolormatch
Fix 492 Potential double free in gdImage Ptr.patch | (download)

src/gd_gif_out.c | 18 15 + 3 - 0 !
src/gd_jpeg.c | 20 16 + 4 - 0 !
src/gd_wbmp.c | 21 18 + 3 - 0 !
tests/jpeg/CMakeLists.txt | 1 1 + 0 - 0 !
tests/jpeg/Makemodule.am | 3 2 + 1 - 0 !
tests/jpeg/jpeg_ptr_double_free.c | 31 31 + 0 - 0 !
6 files changed, 83 insertions(+), 11 deletions(-)

 fix #492: potential double-free in gdimage*ptr()
Fix 501 Uninitialized read in gdImageCreateFromXbm.patch | (download)

src/gd_xbm.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 fix #501: uninitialized read in gdimagecreatefromxbm
 (CVE-2019-11038)

Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-11038
Bug-Debian: https://bugs.debian.org/929821
Bug: https://github.com/libgd/libgd/issues/501

We have to ensure that `sscanf()` does indeed read a hex value here,
and bail out otherwise.

Original patch by Christoph M. Becker <cmbecker69@gmx.de> for PHP libgd ext.
https://git.php.net/?p=php-src.git;a=commit;h=ed6dee9a198c904ad5e03113e58a2d2c200f5184