OBS User unknown 2007-07-10 12:34:15 +00:00 committed by Git OBS Bridge
parent 38bd119cba
commit b9a6e5a681
7 changed files with 63 additions and 36 deletions


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:66baa531a860ca3e071d47eec7c0823c534a8a4dadf4cba6d17eeb6d4159d22f
size 1135372

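--- a/gd-2.0.35.tar.bz2
+++ b/gd-2.0.35.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bf222490749d2a9a9ac3593b01eb55aed98461ff81202414707f61b42aa300f9
+size 1212730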


@ -1,15 +0,0 @@
--- gd_png.c 1 Apr 2007 20:41:01 -0000 1.21.2.1
+++ gd_png.c 16 May 2007 19:06:11 -0000
@@ -81,7 +81,11 @@ gdPngErrorHandler (png_structp png_ptr,
static void
gdPngReadData (png_structp png_ptr, png_bytep data, png_size_t length)
{
- gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
+ int check;
+ check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
+ if (check != length) {
+ png_error(png_ptr, "Read Error: truncated data");
+ }
}
static void


@ -1,22 +1,13 @@
--- gd.c --- gd.c
+++ gd.c +++ gd.c
@@ -147,6 +151,7 @@ @@ -147,6 +147,7 @@
} }
memset (im, 0, sizeof (gdImage));
if (overflow2(sizeof (int *), sy)) { if (overflow2(sizeof (int *), sy)) {
+ gdFree(im); + gdFree(im);
return 0; return 0;
} }
im->tpixels = (int **) gdMalloc (sizeof (int *) * sy);
@@ -2757,6 +2762,8 @@
}
bytes = (w * h / 8) + 1;
im = gdImageCreate (w, h);
+ if (!im)
+ return NULL;
gdImageColorAllocate (im, 255, 255, 255);
gdImageColorAllocate (im, 0, 0, 0);
x = 0;
--- gd_gd.c --- gd_gd.c
+++ gd_gd.c +++ gd_gd.c
@@ -149,6 +149,8 @@ @@ -149,6 +149,8 @@
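Review bot: This patch file begins directly at `--- gd.c` with no header, so after the refresh nothing records why the remaining hunks are still needed on top of 2.0.35 or whether they were sent upstream. A short preamble would help the next update, for example `# Frees im on the overflow2() failure path in gd.c; gdImageCreateXbm NULL check dropped, fixed upstream in 2.0.35`. The dropped gdImageCreateXbm hunk is consistent with the changelog entry on this page, but it is worth confirming against the 2.0.35 source rather than the changelog alone. The enclosing function and the gd_gd.c hunk continue outside the visible lines, so whether the `gdMalloc (sizeof (int *) * sy)` result is checked cannot be told from here.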


@ -1,3 +1,31 @@
-------------------------------------------------------------------
Mon Jul 9 09:09:51 CEST 2007 - anosek@suse.cz
- updated to version 2.0.35
* Fix valgrind error in gdImageFillTiled (Nuno Lopes)
* Add missing custom cmake macros (required for the tests suite)
* Avoid signature buffer copy in gd_gif_c (Nuno Lopes)
* Race condition in gdImageStringFTEx (Antony Dogval, Pierre
Scott MacVicar)
* Reading GIF images is not thread safe (static usage in private
functions) (Roman Nemecek, Nuno Lopes, Pierre)
* GIF Local palette is read twice
* GIF, Use local frame dimension when possible instead of the
logical screen size (Pierre)
* GIF, do not try to use the global colmap if it does not exist
(Nuno Lopes, Pierre)
* gdImageAALine draws axis lines with two pixels width (Pierre)
* gdImageArc CPU usage with large angles (Pierre)
* gdImageFilledRectangle regression fixed when used with reversed
edges (Pierre)
* Possible infinite loop in libgd/gd_png.c, flaw found by Xavier
Roche (Pierre)
* Fixed segfault when an invalid color index is present in a GIF
image data, reported by Elliot <wccode at gmail dot com> (Pierre)
* Possible integer overflow in gdImageCreateTrueColor (Pierre)
gdImageCreateXbm can crash if gdImageCreate fails (Pierre)
- dropped obsolete patches (png-loop-CVE-2007-2756.patch)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue May 29 17:16:32 CEST 2007 - nadvornik@suse.cz Tue May 29 17:16:32 CEST 2007 - nadvornik@suse.cz

gd.spec

@ -1,5 +1,5 @@
# #
# spec file for package gd (Version 2.0.34) # spec file for package gd (Version 2.0.35)
# #
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine # This file and all modifications and additions to the pristine
@ -16,9 +16,9 @@ License: X11/MIT
Group: System/Libraries Group: System/Libraries
Obsoletes: gdlib Obsoletes: gdlib
Autoreqprov: on Autoreqprov: on
Version: 2.0.34 Version: 2.0.35
Release: 21 Release: 1
URL: http://www.boutell.com/gd/ URL: http://www.libgd.org/
Summary: A Drawing Library for Programs That Use PNG and JPEG Output Summary: A Drawing Library for Programs That Use PNG and JPEG Output
Source: gd-%{version}.tar.bz2 Source: gd-%{version}.tar.bz2
Patch0: gd-%{version}-warn.patch Patch0: gd-%{version}-warn.patch
@ -27,7 +27,6 @@ Patch2: gd-format.patch
Patch3: gd-aliasing.patch Patch3: gd-aliasing.patch
Patch4: gd-security.patch Patch4: gd-security.patch
Patch6: gd-fontpath.patch Patch6: gd-fontpath.patch
Patch7: gd-png-loop-CVE-2007-2756.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -69,7 +68,6 @@ Authors:
%patch3 %patch3
%patch4 %patch4
%patch6 %patch6
%patch7
%build %build
%{suse_update_config -f} %{suse_update_config -f}
@ -138,6 +136,31 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/*.la %{_libdir}/*.la
%changelog %changelog
* Mon Jul 09 2007 - anosek@suse.cz
- updated to version 2.0.35
* Fix valgrind error in gdImageFillTiled (Nuno Lopes)
* Add missing custom cmake macros (required for the tests suite)
* Avoid signature buffer copy in gd_gif_c (Nuno Lopes)
* Race condition in gdImageStringFTEx (Antony Dogval, Pierre
Scott MacVicar)
* Reading GIF images is not thread safe (static usage in private
functions) (Roman Nemecek, Nuno Lopes, Pierre)
* GIF Local palette is read twice
* GIF, Use local frame dimension when possible instead of the
logical screen size (Pierre)
* GIF, do not try to use the global colmap if it does not exist
(Nuno Lopes, Pierre)
* gdImageAALine draws axis lines with two pixels width (Pierre)
* gdImageArc CPU usage with large angles (Pierre)
* gdImageFilledRectangle regression fixed when used with reversed
edges (Pierre)
* Possible infinite loop in libgd/gd_png.c, flaw found by Xavier
Roche (Pierre)
* Fixed segfault when an invalid color index is present in a GIF
image data, reported by Elliot <wccode at gmail dot com> (Pierre)
* Possible integer overflow in gdImageCreateTrueColor (Pierre)
gdImageCreateXbm can crash if gdImageCreate fails (Pierre)
- dropped obsolete patches (png-loop-CVE-2007-2756.patch)
* Tue May 29 2007 - nadvornik@suse.cz * Tue May 29 2007 - nadvornik@suse.cz
- fixed infinite loop on truncated png images - fixed infinite loop on truncated png images
CVE-2007-2756 [#276525] CVE-2007-2756 [#276525]