From b9a6e5a6813efb5e152622d93bd42729a2b682f1aaacf932b43deff6056177ab Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Tue, 10 Jul 2007 12:34:15 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/openSUSE:Factory/gd?expand=0&rev=5

---
 gd-2.0.34.tar.bz2                            |  3 --
 gd-2.0.34-warn.patch => gd-2.0.35-warn.patch |  0
 gd-2.0.35.tar.bz2                            |  3 ++
 gd-png-loop-CVE-2007-2756.patch              | 15 ---------
 gd-security.patch                            | 15 ++-------
 gd.changes                                   | 28 ++++++++++++++++
 gd.spec                                      | 35 ++++++++++++++++----
 7 files changed, 63 insertions(+), 36 deletions(-)
 delete mode 100644 gd-2.0.34.tar.bz2
 rename gd-2.0.34-warn.patch => gd-2.0.35-warn.patch (100%)
 create mode 100644 gd-2.0.35.tar.bz2
 delete mode 100644 gd-png-loop-CVE-2007-2756.patch

diff --git a/gd-2.0.34.tar.bz2 b/gd-2.0.34.tar.bz2
deleted file mode 100644
index 40ef2d3..0000000
--- a/gd-2.0.34.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:66baa531a860ca3e071d47eec7c0823c534a8a4dadf4cba6d17eeb6d4159d22f
-size 1135372
diff --git a/gd-2.0.34-warn.patch b/gd-2.0.35-warn.patch
similarity index 100%
rename from gd-2.0.34-warn.patch
rename to gd-2.0.35-warn.patch
diff --git a/gd-2.0.35.tar.bz2 b/gd-2.0.35.tar.bz2
new file mode 100644
index 0000000..ed4dbf1
--- /dev/null
+++ b/gd-2.0.35.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bf222490749d2a9a9ac3593b01eb55aed98461ff81202414707f61b42aa300f9
+size 1212730
diff --git a/gd-png-loop-CVE-2007-2756.patch b/gd-png-loop-CVE-2007-2756.patch
deleted file mode 100644
index e7d9f43..0000000
--- a/gd-png-loop-CVE-2007-2756.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- gd_png.c	1 Apr 2007 20:41:01 -0000	1.21.2.1
-+++ gd_png.c	16 May 2007 19:06:11 -0000
-@@ -81,7 +81,11 @@ gdPngErrorHandler (png_structp png_ptr, 
- static void
- gdPngReadData (png_structp png_ptr, png_bytep data, png_size_t length)
- {
--  gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
-+  int check;
-+  check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
-+  if (check != length) {
-+    png_error(png_ptr, "Read Error: truncated data");
-+  }
- }
- 
- static void
diff --git a/gd-security.patch b/gd-security.patch
index d823f86..2a04353 100644
--- a/gd-security.patch
+++ b/gd-security.patch
@@ -1,22 +1,13 @@
 --- gd.c
 +++ gd.c
-@@ -147,6 +151,7 @@
+@@ -147,6 +147,7 @@
    }
-   memset (im, 0, sizeof (gdImage));
+ 
    if (overflow2(sizeof (int *), sy)) {
 +    gdFree(im);
      return 0;
    }
-   im->tpixels = (int **) gdMalloc (sizeof (int *) * sy);
-@@ -2757,6 +2762,8 @@
-     }
-   bytes = (w * h / 8) + 1;
-   im = gdImageCreate (w, h);
-+  if (!im)
-+    return NULL;
-   gdImageColorAllocate (im, 255, 255, 255);
-   gdImageColorAllocate (im, 0, 0, 0);
-   x = 0;
+ 
 --- gd_gd.c
 +++ gd_gd.c
 @@ -149,6 +149,8 @@
diff --git a/gd.changes b/gd.changes
index 95b2a33..92c89bb 100644
--- a/gd.changes
+++ b/gd.changes
@@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Mon Jul  9 09:09:51 CEST 2007 - anosek@suse.cz
+
+- updated to version 2.0.35
+  * Fix valgrind error in gdImageFillTiled (Nuno Lopes)
+  * Add missing custom cmake macros (required for the tests suite)
+  * Avoid signature buffer copy  in gd_gif_c (Nuno Lopes)
+  * Race condition in gdImageStringFTEx (Antony Dogval, Pierre
+    Scott MacVicar)
+  * Reading GIF images is not thread safe (static usage in private
+    functions) (Roman Nemecek, Nuno Lopes, Pierre)
+  * GIF Local palette is read twice
+  * GIF, Use local frame dimension when possible instead of the
+    logical screen size (Pierre)
+  * GIF, do not try to use the global colmap if it does not exist
+    (Nuno Lopes, Pierre)
+  * gdImageAALine draws axis lines with two pixels width (Pierre)
+  * gdImageArc CPU usage with large angles (Pierre)
+  * gdImageFilledRectangle regression fixed when used with reversed
+    edges (Pierre)
+  * Possible infinite loop in libgd/gd_png.c, flaw found by Xavier
+    Roche (Pierre)
+  * Fixed segfault when an invalid color index is present in a GIF
+    image data, reported by Elliot <wccode at gmail dot com> (Pierre)
+  * Possible integer overflow in gdImageCreateTrueColor (Pierre)
+    gdImageCreateXbm can crash if gdImageCreate fails (Pierre)
+- dropped obsolete patches (png-loop-CVE-2007-2756.patch)
+
 -------------------------------------------------------------------
 Tue May 29 17:16:32 CEST 2007 - nadvornik@suse.cz
 
diff --git a/gd.spec b/gd.spec
index 8a2bd52..5f96d96 100644
--- a/gd.spec
+++ b/gd.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package gd (Version 2.0.34)
+# spec file for package gd (Version 2.0.35)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@@ -16,9 +16,9 @@ License:        X11/MIT
 Group:          System/Libraries
 Obsoletes:      gdlib 
 Autoreqprov:    on
-Version:        2.0.34
-Release:        21
-URL:            http://www.boutell.com/gd/
+Version:        2.0.35
+Release:        1
+URL:            http://www.libgd.org/
 Summary:        A Drawing Library for Programs That Use PNG and JPEG Output
 Source:         gd-%{version}.tar.bz2
 Patch0:         gd-%{version}-warn.patch
@@ -27,7 +27,6 @@ Patch2:         gd-format.patch
 Patch3:         gd-aliasing.patch
 Patch4:         gd-security.patch
 Patch6:         gd-fontpath.patch
-Patch7:         gd-png-loop-CVE-2007-2756.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -69,7 +68,6 @@ Authors:
 %patch3
 %patch4
 %patch6
-%patch7
 
 %build
 %{suse_update_config -f}
@@ -138,6 +136,31 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/*.la
 
 %changelog
+* Mon Jul 09 2007 - anosek@suse.cz
+- updated to version 2.0.35
+  * Fix valgrind error in gdImageFillTiled (Nuno Lopes)
+  * Add missing custom cmake macros (required for the tests suite)
+  * Avoid signature buffer copy  in gd_gif_c (Nuno Lopes)
+  * Race condition in gdImageStringFTEx (Antony Dogval, Pierre
+  Scott MacVicar)
+  * Reading GIF images is not thread safe (static usage in private
+  functions) (Roman Nemecek, Nuno Lopes, Pierre)
+  * GIF Local palette is read twice
+  * GIF, Use local frame dimension when possible instead of the
+  logical screen size (Pierre)
+  * GIF, do not try to use the global colmap if it does not exist
+  (Nuno Lopes, Pierre)
+  * gdImageAALine draws axis lines with two pixels width (Pierre)
+  * gdImageArc CPU usage with large angles (Pierre)
+  * gdImageFilledRectangle regression fixed when used with reversed
+  edges (Pierre)
+  * Possible infinite loop in libgd/gd_png.c, flaw found by Xavier
+  Roche (Pierre)
+  * Fixed segfault when an invalid color index is present in a GIF
+  image data, reported by Elliot <wccode at gmail dot com> (Pierre)
+  * Possible integer overflow in gdImageCreateTrueColor (Pierre)
+  gdImageCreateXbm can crash if gdImageCreate fails (Pierre)
+- dropped obsolete patches (png-loop-CVE-2007-2756.patch)
 * Tue May 29 2007 - nadvornik@suse.cz
 - fixed infinite loop on truncated png images
   CVE-2007-2756 [#276525]