Subject: CVS commit: pkgsrc/graphics/gd
From: Lubomir Sedlacik
Date: 2006-06-14 23:42:33
Message id: 20060614214233.C43E1211CA@cvs.netbsd.org
Log Message:
Security fix for CVE-2006-2906:

"The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas
 Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote
 attackers to cause a denial of service (CPU consumption) via malformed
 GIF data that causes an infinite loop."

Patch from Xavier Roche via Ubuntu.
Files:
RevisionActionfile
1.70modifypkgsrc/graphics/gd/Makefile
1.23modifypkgsrc/graphics/gd/distinfo
1.3addpkgsrc/graphics/gd/patches/patch-ac