Package "libgd-dev"
Name: |
libgd-dev
|
Description: |
GD Graphics Library (development version)
|
Latest version: |
2.1.0-3ubuntu0.11 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Head package: |
libgd2 |
Homepage: |
http://www.libgd.org/ |
Links
Download "libgd-dev"
Other versions of "libgd-dev" in Trusty
Changelog
libgd2 (2.1.0-3ubuntu0.11) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overflow in gdImageColorMatch
- debian/patches/CVE-2019-6977.patch: use gdMaxColors in
src/gd_color_match.c.
- CVE-2019-6977
* SECURITY UPDATE: double-free in gdImage*Ptr() functions
- debian/patches/CVE-2019-6978.patch: properly handle failure in
src/gd_gif_out.c, src/gd_jpeg.c, src/gd_wbmp.c, add test to
tests/jpeg/CMakeLists.txt, tests/jpeg/jpeg_ptr_double_free.c.
- CVE-2019-6978
-- Marc Deslauriers <email address hidden> Wed, 27 Feb 2019 14:42:23 -0500
|
Source diff to previous version |
CVE-2019-6977 |
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x |
CVE-2019-6978 |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is un |
|
libgd2 (2.1.0-3ubuntu0.10) trusty-security; urgency=medium
* SECURITY UPDATE: Double free
- debian/patches/CVE-2018-1000222.patch: fix in
src/gd_bmp.c.
- CVE-2018-1000222
* SECURITY UPDATE: Infinite loop
- debian/patches/CVE-2018-5711.patch: fix in
src/gd_gif_in.c.
- CVE-2018-5711
-- <email address hidden> (Leonidas S. Barbosa) Thu, 23 Aug 2018 10:51:28 -0300
|
Source diff to previous version |
CVE-2018-1000222 |
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This atta |
CVE-2018-5711 |
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, h |
|
libgd2 (2.1.0-3ubuntu0.8) trusty-security; urgency=medium
* SECURITY UPDATE: Double-free memory
- debian/patches/CVE-2017-6362.patch: introduces a static
helper to check failure or success in src/gd_png.c also
adds tests in tests/png/CMakeLists.txt, tests/Makemodule.am,
tests/png/bug00381_1.c, tests/png/bug00381_2.c.
- CVE-2017-6362
-- <email address hidden> (Leonidas S. Barbosa) Mon, 04 Sep 2017 18:55:20 -0300
|
Source diff to previous version |
libgd2 (2.1.0-3ubuntu0.6) trusty-security; urgency=medium
* SECURITY UPDATE: potential unsigned underflow
- debian/patches/CVE-2016-10166.patch: refactor loop in
src/gd_interpolation.c.
- CVE-2016-10166
* SECURITY UPDATE: DoS vulnerability in gdImageCreateFromGd2Ctx()
- debian/patches/CVE-2016-10167.patch: properly fail in src/gd_gd2.c.
- CVE-2016-10167
* SECURITY UPDATE: signed integer overflow in gd_io.c
- debian/patches/CVE-2016-10168.patch: check counts in src/gd_gd2.c.
- CVE-2016-10168
* SECURITY UPDATE: OOB reads of the TGA decompression buffer
- debian/patches/CVE-2016-6906-pre1.patch: fix coverty warning in
src/gd_tga.c.
- debian/patches/CVE-2016-6906-pre2.patch: fix TGA RLE decoding in
src/gd_tga.c.
- debian/patches/CVE-2016-6906-1.patch: check for overflow in
src/gd_tga.c.
- debian/patches/CVE-2016-6906-2.patch: add another overflow check in
src/gd_tga.c.
- CVE-2016-6906
* SECURITY UPDATE: double-free in gdImageWebPtr()
- debian/patches/CVE-2016-6912.patch: add helper function to indicate
failure in src/gd_webp.c.
- CVE-2016-6912
* SECURITY UPDATE: DoS via oversized image
- debian/patches/CVE-2016-9317.patch: check for oversized images in
src/gd.c.
- CVE-2016-9317
* SECURITY UPDATE: DoS via stack consumption
- debian/patches/CVE-2016-9933.patch: check for invalid colors in
src/gd.c.
- CVE-2016-9933
-- Marc Deslauriers <email address hidden> Tue, 28 Feb 2017 10:37:45 -0500
|
CVE-2016-1016 |
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 o |
CVE-2016-6906 |
OOB reads of the TGA decompression buffer |
CVE-2016-6912 |
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecifi |
CVE-2016-9317 |
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via |
CVE-2016-9933 |
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP befor |
|
About
-
Send Feedback to @ubuntu_updates