Next | Query returned 144 messages, browsing 31 to 40 | Previous

History of commit frequency

CVS Commit History:


   2017-02-28 16:20:12 by Ryo ONODERA | Files touched by this commit (208)
Log message:
Recursive revbump from graphics/libwebp
   2017-02-09 04:27:30 by Min Sik Kim | Files touched by this commit (2)
Log message:
Make gd build on Darwin

Include limits.h to use INT_MAX.
   2017-02-05 00:05:52 by S.P.Zeidler | Files touched by this commit (3) | Package updated
Log message:
update of gd to 2.2.4.

Upstream Changelog:
Security

    gdImageCreate() doesn't check for oversized images and as such is prone to \ 
DoS vulnerabilities. (CVE-2016-9317)
    double-free in gdImageWebPtr() (CVE-2016-6912)
    potential unsigned underflow in gd_interpolation.c
    DOS vulnerability in gdImageCreateFromGd2Ctx()

Fixed

    Fix #354: Signed Integer Overflow gd_io.c
    Fix #340: System frozen
    Fix OOB reads of the TGA decompression buffer
    Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
    Fix potential unsigned underflow
    Fix double-free in gdImageWebPtr()
    Fix invalid read in gdImageCreateFromTiffPtr()
    Fix OOB reads of the TGA decompression buffer
    Fix #68: gif: buffer underflow reported by AddressSanitizer
    Avoid potentially dangerous signed to unsigned conversion
    Fix #304: test suite failure in gif/bug00006 [2.2.3]
    Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border
    Fix #330: Integer overflow in gdImageScaleBilinearPalette()
    Fix 321: Null pointer dereferences in gdImageRotateInterpolated
    Fix whitespace and add missing comment block
    Fix #319: gdImageRotateInterpolated can have wrong background color
    Fix color quantization documentation
    Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
    Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag
    Fix #300: gdImageClone() assigns res_y = res_x
    Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness()
    Replace GNU old-style field designators with C89 compatible initializers
    Fix #297: gdImageCrop() converts palette image to truecolor image
    Fix #290: TGA RLE decoding is broken
    Fix unnecessary non NULL checks
    Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files
    Fix #280: gdImageWebpEx() quantization parameter is a misnomer
    Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx()
    Fix issue #276: Sometimes pixels are missing when storing images as BMPs
    Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts
    Fix copy&paste error in gdImageScaleBicubicFixed()

Added

    More documentation
    Documentation on GD and GD2 formats
    More tests
   2016-10-05 05:10:31 by Takahiro Kambe | Files touched by this commit (3)
Log message:
Add fix for CVE-2016-7568.

Bump PKGREVISION.
   2016-08-03 13:06:50 by Thomas Klausner | Files touched by this commit (1)
Log message:
Fix unresolvable dependency.
   2016-08-03 12:23:40 by Adam Ciarcinski | Files touched by this commit (1248) | Package updated
Log message:
Revbump after graphics/gd update
   2016-08-02 20:29:21 by Adam Ciarcinski | Files touched by this commit (11) | Package removed
Log message:
We welcome the 2.2.3 release around a month after 2.2.2 (we are getting \ 
consistent). Another important milestone in the GD 2.2 series.

Security related fixes: This flaw is caused by loading data from external \ 
sources (file, custom ctx, etc) and are hard to validate before calling libgd \ 
APIs:
* fix php bug 72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766)
* bug 247, A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132)
* also bug 247, Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214)
* bug 248, fix Out-Of-Bounds Read in read_image_tga

Using application provided parameters, in these cases invalid data causes the issues:
* Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207)
* fix php bug 72494, invalid color index not handled, can lead to crash ( \ 
CVE-2016-6128)
* improve color check for CropThreshold

Important update:
* gdImageCopyResampled has been improved. Better handling of images with alpha \ 
channel, also brings libgd in sync with php's bundled gd.
   2016-07-09 08:39:18 by Thomas Klausner | Files touched by this commit (1068)
Log message:
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.
   2016-06-30 11:00:18 by Takahiro Kambe | Files touched by this commit (3)
Log message:
Add fix for CVE-2016-6128 from upstream.

Bump PKGREVISION.
   2015-11-18 15:19:56 by Ryo ONODERA | Files touched by this commit (141)
Log message:
Recursive revbump from multimedia/libvpx

Next | Query returned 144 messages, browsing 31 to 40 | Previous