pkgsrc.se | The NetBSD package collection

./graphics/gd, Graphics library for the dynamic creation of images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2016Q4, Version: 2.2.4, Package name: gd-2.2.4, Maintainer: adam

gd is a graphics library. It allows your code to quickly draw images
complete with lines, arcs, text, multiple colors, cut and paste from
other images, and flood fills, and write out the result as a .PNG
file. This is particularly useful in World Wide Web applications,
where .PNG is one of the formats accepted for inline images by most
browsers.

gd is not a paint program. If you are looking for a paint program, you
are looking in the wrong place. If you are not a programmer, you are
looking in the wrong place.

gd does not provide for every possible desirable graphics operation.
It is not necessary or desirable for gd to become a kitchen-sink
graphics package, but incorporates most of the commonly requested
features for an 8-bit 2D package.

Required to run:
[graphics/libwebp] [graphics/png] [graphics/tiff] [graphics/freetype2] [lang/perl5] [fonts/fontconfig]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://github.com/libgd/ (Download)

SHA1: 67779817d7aecb94594c43ace949af350ca1df7f
RMD160: 4b0ac89bf547aa7b6550e33d79fe5ca05801b4e6
Filesize: 2420.438 KB

Version history: (Expand)

(2017-03-03) Updated to version: gd-2.2.4
(2017-01-05) Package added to pkgsrc.se, version gd-2.2.3nb1 (created)

CVS history: (Expand)

2017-03-03 16:26:32 by Benny Siegert | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #5221 - requested by spz
graphics/gd: security fix

Revisions pulled up:
- graphics/gd/Makefile                                          1.113
- graphics/gd/distinfo                                          1.43
- graphics/gd/patches/patch-src_gd__webp.c                      deleted

---
   Module Name:    pkgsrc
   Committed By:   spz
   Date:           Sat Feb  4 23:05:52 UTC 2017

   Modified Files:
           pkgsrc/graphics/gd: Makefile distinfo
   Removed Files:
           pkgsrc/graphics/gd/patches: patch-src_gd__webp.c

   Log message:
   update of gd to 2.2.4.

   Upstream Changelog:
   Security

       gdImageCreate() doesn't check for oversized images and as such is prone \ 
to DoS vulnerabilities. (CVE-2016-9317)
       double-free in gdImageWebPtr() (CVE-2016-6912)
       potential unsigned underflow in gd_interpolation.c
       DOS vulnerability in gdImageCreateFromGd2Ctx()

   Fixed

       Fix #354: Signed Integer Overflow gd_io.c
       Fix #340: System frozen
       Fix OOB reads of the TGA decompression buffer
       Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
       Fix potential unsigned underflow
       Fix double-free in gdImageWebPtr()
       Fix invalid read in gdImageCreateFromTiffPtr()
       Fix OOB reads of the TGA decompression buffer
       Fix #68: gif: buffer underflow reported by AddressSanitizer
       Avoid potentially dangerous signed to unsigned conversion
       Fix #304: test suite failure in gif/bug00006 [2.2.3]
       Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border
       Fix #330: Integer overflow in gdImageScaleBilinearPalette()
       Fix 321: Null pointer dereferences in gdImageRotateInterpolated
       Fix whitespace and add missing comment block
       Fix #319: gdImageRotateInterpolated can have wrong background color
       Fix color quantization documentation
       Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
       Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag
       Fix #300: gdImageClone() assigns res_y = res_x
       Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness()
       Replace GNU old-style field designators with C89 compatible initializers
       Fix #297: gdImageCrop() converts palette image to truecolor image
       Fix #290: TGA RLE decoding is broken
       Fix unnecessary non NULL checks
       Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted \ 
files
       Fix #280: gdImageWebpEx() quantization parameter is a misnomer
       Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx()
       Fix issue #276: Sometimes pixels are missing when storing images as BMPs
       Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts
       Fix copy&paste error in gdImageScaleBicubicFixed()

   Added

       More documentation
       Documentation on GD and GD2 formats
       More tests