Accepting request 508757 from home:scarabeus_iv:branches:graphics

- Version update to 2.2.4: * gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283 * double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284 * potential unsigned underflow in gd_interpolation.c (CVE-2016-10166) bsc#1022263 * DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167) bsc#1022264 * Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265 - Remove patches merged/obsoleted by upstream: * gd-config.patch * gd-disable-freetype27-failed-tests.patch * gd-test-unintialized-var.patch - Add patch gd-freetype.patch taking patch from upstream for freetype 2.7 OBS-URL: https://build.opensuse.org/request/show/508757 OBS-URL: https://build.opensuse.org/package/show/graphics/gd?expand=0&rev=37
2017-07-17 08:28:43 +00:00
parent 084c792f83
commit b783cebdcb
8 changed files with 111 additions and 132 deletions
--- a/gd.changes
+++ b/gd.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Fri Jul  7 10:54:11 UTC 2017 - tchvatal@suse.com
+
+- Version update to 2.2.4:
+  * gdImageCreate() doesn't check for oversized images and as such is prone
+    to DoS vulnerabilities. (CVE-2016-9317) bsc#1022283
+  * double-free in gdImageWebPtr() (CVE-2016-6912) bsc#1022284
+  * potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
+    bsc#1022263
+  * DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
+    bsc#1022264
+  * Signed Integer Overflow gd_io.c (CVE-2016-10168) bsc#1022265
+- Remove patches merged/obsoleted by upstream:
+  * gd-config.patch
+  * gd-disable-freetype27-failed-tests.patch
+  * gd-test-unintialized-var.patch
+- Add patch gd-freetype.patch taking patch from upstream for
+  freetype 2.7
+
 -------------------------------------------------------------------
 Fri Dec  9 17:09:40 UTC 2016 - pgajdos@suse.com