basebuilder_pel7x64builder0
5 years ago
4 changed files with 740 additions and 0 deletions
@ -0,0 +1,33 @@
@@ -0,0 +1,33 @@
|
||||
diff -up gd-2.1.0/config/gdlib-config.in.multilib gd-2.1.0/config/gdlib-config.in |
||||
--- gd-2.1.0/config/gdlib-config.in.multilib 2013-04-21 16:58:17.820010758 +0200 |
||||
+++ gd-2.1.0/config/gdlib-config.in 2013-04-21 16:59:27.896317922 +0200 |
||||
@@ -7,9 +7,10 @@ |
||||
# installation directories |
||||
prefix=@prefix@ |
||||
exec_prefix=@exec_prefix@ |
||||
-libdir=@libdir@ |
||||
+libdir=`pkg-config gdlib --variable=libdir` |
||||
includedir=@includedir@ |
||||
bindir=@bindir@ |
||||
+ldflags=`pkg-config gdlib --variable=ldflags` |
||||
|
||||
usage() |
||||
{ |
||||
@@ -68,7 +69,7 @@ while test $# -gt 0; do |
||||
echo @GDLIB_REVISION@ |
||||
;; |
||||
--ldflags) |
||||
- echo @LDFLAGS@ |
||||
+ echo $ldflags |
||||
;; |
||||
--libs) |
||||
echo -lgd @LIBS@ @LIBICONV@ |
||||
@@ -83,7 +84,7 @@ while test $# -gt 0; do |
||||
echo "GD library @VERSION@" |
||||
echo "includedir: $includedir" |
||||
echo "cflags: -I@includedir@" |
||||
- echo "ldflags: @LDFLAGS@" |
||||
+ echo "ldflags: $ldflags" |
||||
echo "libs: @LIBS@ @LIBICONV@" |
||||
echo "libdir: $libdir" |
||||
echo "features: @FEATURES@" |
@ -0,0 +1,73 @@
@@ -0,0 +1,73 @@
|
||||
From ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 Mon Sep 17 00:00:00 2001 |
||||
From: Mike Frysinger <vapier@gentoo.org> |
||||
Date: Sat, 14 Jul 2018 13:54:08 -0400 |
||||
Subject: [PATCH] bmp: check return value in gdImageBmpPtr |
||||
|
||||
Closes #447. |
||||
--- |
||||
src/gd_bmp.c | 17 ++++++++++++++--- |
||||
1 file changed, 14 insertions(+), 3 deletions(-) |
||||
|
||||
diff --git a/src/gd_bmp.c b/src/gd_bmp.c |
||||
index bde0b9d3..78f40d9a 100644 |
||||
--- a/src/gd_bmp.c |
||||
+++ b/src/gd_bmp.c |
||||
@@ -47,6 +47,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp |
||||
static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header); |
||||
static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info); |
||||
|
||||
+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression); |
||||
+ |
||||
#define BMP_DEBUG(s) |
||||
|
||||
static int gdBMPPutWord(gdIOCtx *out, int w) |
||||
@@ -87,8 +89,10 @@ BGD_DECLARE(void *) gdImageBmpPtr(gdImagePtr im, int *size, int compression) |
||||
void *rv; |
||||
gdIOCtx *out = gdNewDynamicCtx(2048, NULL); |
||||
if (out == NULL) return NULL; |
||||
- gdImageBmpCtx(im, out, compression); |
||||
- rv = gdDPExtractData(out, size); |
||||
+ if (!_gdImageBmpCtx(im, out, compression)) |
||||
+ rv = gdDPExtractData(out, size); |
||||
+ else |
||||
+ rv = NULL; |
||||
out->gd_free(out); |
||||
return rv; |
||||
} |
||||
@@ -141,6 +145,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression) |
||||
compression - whether to apply RLE or not. |
||||
*/ |
||||
BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) |
||||
+{ |
||||
+ _gdImageBmpCtx(im, out, compression); |
||||
+} |
||||
+ |
||||
+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) |
||||
{ |
||||
int bitmap_size = 0, info_size, total_size, padding; |
||||
int i, row, xpos, pixel; |
||||
@@ -148,6 +157,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) |
||||
unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL; |
||||
FILE *tmpfile_for_compression = NULL; |
||||
gdIOCtxPtr out_original = NULL; |
||||
+ int ret = 1; |
||||
|
||||
/* No compression if its true colour or we don't support seek */ |
||||
if (im->trueColor) { |
||||
@@ -325,6 +335,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) |
||||
out_original = NULL; |
||||
} |
||||
|
||||
+ ret = 0; |
||||
cleanup: |
||||
if (tmpfile_for_compression) { |
||||
#ifdef _WIN32 |
||||
@@ -338,7 +349,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) |
||||
if (out_original) { |
||||
out_original->gd_free(out_original); |
||||
} |
||||
- return; |
||||
+ return ret; |
||||
} |
||||
|
||||
static int compress_row(unsigned char *row, int length) |
@ -0,0 +1,62 @@
@@ -0,0 +1,62 @@
|
||||
From a11f47475e6443b7f32d21f2271f28f417e2ac04 Mon Sep 17 00:00:00 2001 |
||||
From: "Christoph M. Becker" <cmbecker69@gmx.de> |
||||
Date: Wed, 29 Nov 2017 19:37:38 +0100 |
||||
Subject: [PATCH] Fix #420: Potential infinite loop in gdImageCreateFromGifCtx |
||||
|
||||
Due to a signedness confusion in `GetCode_` a corrupt GIF file can |
||||
trigger an infinite loop. Furthermore we make sure that a GIF without |
||||
any palette entries is treated as invalid *after* open palette entries |
||||
have been removed. |
||||
|
||||
CVE-2018-5711 |
||||
|
||||
See also https://bugs.php.net/bug.php?id=75571. |
||||
--- |
||||
src/gd_gif_in.c | 12 ++++++------ |
||||
tests/gif/.gitignore | 1 + |
||||
tests/gif/CMakeLists.txt | 1 + |
||||
tests/gif/Makemodule.am | 2 ++ |
||||
tests/gif/php_bug_75571.c | 28 ++++++++++++++++++++++++++++ |
||||
tests/gif/php_bug_75571.gif | Bin 0 -> 1731 bytes |
||||
6 files changed, 38 insertions(+), 6 deletions(-) |
||||
create mode 100644 tests/gif/php_bug_75571.c |
||||
create mode 100644 tests/gif/php_bug_75571.gif |
||||
|
||||
diff --git a/src/gd_gif_in.c b/src/gd_gif_in.c |
||||
index daf26e79..0a8bd717 100644 |
||||
--- a/src/gd_gif_in.c |
||||
+++ b/src/gd_gif_in.c |
||||
@@ -335,11 +335,6 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGifCtx(gdIOCtxPtr fd) |
||||
return 0; |
||||
} |
||||
|
||||
- if(!im->colorsTotal) { |
||||
- gdImageDestroy(im); |
||||
- return 0; |
||||
- } |
||||
- |
||||
/* Check for open colors at the end, so |
||||
* we can reduce colorsTotal and ultimately |
||||
* BitsPerPixel */ |
||||
@@ -351,6 +346,11 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGifCtx(gdIOCtxPtr fd) |
||||
} |
||||
} |
||||
|
||||
+ if(!im->colorsTotal) { |
||||
+ gdImageDestroy(im); |
||||
+ return 0; |
||||
+ } |
||||
+ |
||||
return im; |
||||
} |
||||
|
||||
@@ -447,7 +447,7 @@ static int |
||||
GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroDataBlockP) |
||||
{ |
||||
int i, j, ret; |
||||
- unsigned char count; |
||||
+ int count; |
||||
|
||||
if(flag) { |
||||
scd->curbit = 0; |
||||
|
@ -0,0 +1,572 @@
@@ -0,0 +1,572 @@
|
||||
# requested by https://bugzilla.redhat.com/1468338 |
||||
# this break gdimagefile/gdnametest: |
||||
# gdimagefile/gdnametest.c:122: 255 pixels different on /tmp/gdtest.CrpdIb/img.gif |
||||
# gdimagefile/gdnametest.c:122: 255 pixels different on /tmp/gdtest.CrpdIb/img.GIF |
||||
# FAIL gdimagefile/gdnametest (exit status: 2) |
||||
%global with_liq 0 |
||||
|
||||
|
||||
Summary: A graphics library for quick creation of PNG or JPEG images |
||||
Name: gd |
||||
Version: 2.2.5 |
||||
Release: 6%{?prever}%{?short}%{?dist} |
||||
Group: System Environment/Libraries |
||||
License: MIT |
||||
URL: http://libgd.github.io/ |
||||
%if 0%{?commit:1} |
||||
# git clone https://github.com/libgd/libgd.git; cd gd-libgd |
||||
# git archive --format=tgz --output=libgd-%{version}-%{commit}.tgz --prefix=libgd-%{version}/ master |
||||
Source0: libgd-%{version}-%{commit}.tgz |
||||
%else |
||||
Source0: https://github.com/libgd/libgd/releases/download/gd-%{version}/libgd-%{version}.tar.xz |
||||
%endif |
||||
|
||||
Patch1: gd-2.1.0-multilib.patch |
||||
# CVE-2018-5711 - https://github.com/libgd/libgd/commit/a11f47475e6443b7f32d21f2271f28f417e2ac04 |
||||
Patch2: gd-2.2.5-upstream.patch |
||||
# CVE-2018-1000222 - https://github.com/libgd/libgd/commit/ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 |
||||
Patch3: gd-2.2.5-gdImageBmpPtr-double-free.patch |
||||
|
||||
BuildRequires: freetype-devel |
||||
BuildRequires: fontconfig-devel |
||||
BuildRequires: gettext-devel |
||||
BuildRequires: libjpeg-devel |
||||
BuildRequires: libpng-devel |
||||
BuildRequires: libtiff-devel |
||||
BuildRequires: libwebp-devel |
||||
%if %{with_liq} |
||||
BuildRequires: libimagequant-devel |
||||
%endif |
||||
BuildRequires: libX11-devel |
||||
BuildRequires: libXpm-devel |
||||
BuildRequires: zlib-devel |
||||
BuildRequires: pkgconfig |
||||
BuildRequires: libtool |
||||
#BuildRequires: perl-interpreter |
||||
#BuildRequires: perl-generators |
||||
# for fontconfig/basic test |
||||
BuildRequires: liberation-sans-fonts |
||||
|
||||
|
||||
%description |
||||
The gd graphics library allows your code to quickly draw images |
||||
complete with lines, arcs, text, multiple colors, cut and paste from |
||||
other images, and flood fills, and to write out the result as a PNG or |
||||
JPEG file. This is particularly useful in Web applications, where PNG |
||||
and JPEG are two of the formats accepted for inline images by most |
||||
browsers. Note that gd is not a paint program. |
||||
|
||||
|
||||
%package progs |
||||
Requires: %{name}%{?_isa} = %{version}-%{release} |
||||
Summary: Utility programs that use libgd |
||||
Group: Applications/Multimedia |
||||
|
||||
%description progs |
||||
The gd-progs package includes utility programs supplied with gd, a |
||||
graphics library for creating PNG and JPEG images. |
||||
|
||||
|
||||
%package devel |
||||
Summary: The development libraries and header files for gd |
||||
Group: Development/Libraries |
||||
Requires: %{name}%{?_isa} = %{version}-%{release} |
||||
Requires: freetype-devel%{?_isa} |
||||
Requires: fontconfig-devel%{?_isa} |
||||
Requires: libjpeg-devel%{?_isa} |
||||
Requires: libpng-devel%{?_isa} |
||||
Requires: libtiff-devel%{?_isa} |
||||
Requires: libwebp-devel%{?_isa} |
||||
Requires: libX11-devel%{?_isa} |
||||
Requires: libXpm-devel%{?_isa} |
||||
Requires: zlib-devel%{?_isa} |
||||
|
||||
%description devel |
||||
The gd-devel package contains the development libraries and header |
||||
files for gd, a graphics library for creating PNG and JPEG graphics. |
||||
|
||||
|
||||
%prep |
||||
%setup -q -n libgd-%{version}%{?prever:-%{prever}} |
||||
%patch1 -p1 -b .mlib |
||||
%patch2 -p1 -b .upstream |
||||
%patch3 -p1 -b .gdImageBmpPtr-free |
||||
|
||||
: $(perl config/getver.pl) |
||||
|
||||
: regenerate autotool stuff |
||||
if [ -f configure ]; then |
||||
libtoolize --copy --force |
||||
autoreconf -vif |
||||
else |
||||
./bootstrap.sh |
||||
fi |
||||
|
||||
|
||||
%build |
||||
# Provide a correct default font search path |
||||
CFLAGS="$RPM_OPT_FLAGS -DDEFAULT_FONTPATH='\"\ |
||||
/usr/share/fonts/bitstream-vera:\ |
||||
/usr/share/fonts/dejavu:\ |
||||
/usr/share/fonts/default/Type1:\ |
||||
/usr/share/X11/fonts/Type1:\ |
||||
/usr/share/fonts/liberation\"'" |
||||
|
||||
%ifarch %{ix86} |
||||
# see https://github.com/libgd/libgd/issues/242 |
||||
CFLAGS="$CFLAGS -msse -mfpmath=sse" |
||||
%endif |
||||
|
||||
%ifarch aarch64 ppc64 ppc64le s390 s390x |
||||
# workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1359680 |
||||
export CFLAGS="$CFLAGS -ffp-contract=off" |
||||
%endif |
||||
|
||||
%configure \ |
||||
--with-tiff=%{_prefix} \ |
||||
--disable-rpath |
||||
make %{?_smp_mflags} |
||||
|
||||
|
||||
%install |
||||
make install INSTALL='install -p' DESTDIR=$RPM_BUILD_ROOT |
||||
rm -f $RPM_BUILD_ROOT/%{_libdir}/libgd.la |
||||
rm -f $RPM_BUILD_ROOT/%{_libdir}/libgd.a |
||||
|
||||
|
||||
%check |
||||
export XFAIL_TESTS |
||||
|
||||
: Upstream test suite |
||||
make check |
||||
|
||||
: Check content of pkgconfig |
||||
grep %{version} $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gdlib.pc |
||||
|
||||
|
||||
%post -p /sbin/ldconfig |
||||
|
||||
%postun -p /sbin/ldconfig |
||||
|
||||
|
||||
%files |
||||
%{!?_licensedir:%global license %%doc} |
||||
%license COPYING |
||||
%{_libdir}/*.so.* |
||||
|
||||
%files progs |
||||
%{_bindir}/* |
||||
%exclude %{_bindir}/gdlib-config |
||||
|
||||
%files devel |
||||
%{_bindir}/gdlib-config |
||||
%{_includedir}/* |
||||
%{_libdir}/*.so |
||||
%{_libdir}/pkgconfig/gdlib.pc |
||||
|
||||
|
||||
%changelog |
||||
* Mon Sep 10 2018 mskalick@redhat.com - 2.2.5-6 |
||||
- Check return value in gdImageBmpPtr to avoid double free (CVE-2018-1000222) |
||||
Resolves: RHBZ#1621956 |
||||
|
||||
* Mon Aug 06 2018 mskalick@redhat.com - 2.2.5-5 |
||||
- Rebuild to pass annobin checks |
||||
Fixes: RHBZ#1611074 |
||||
|
||||
* Tue May 22 2018 mskalick@redhat.com - 2.2.5-4 |
||||
- gdimagegrayscale/basic test is not failing in RHEL8 |
||||
|
||||
* Mon Mar 26 2018 Marek Skalický <mskalick@redhat.com> - 2.2.5-3 |
||||
- Fix CVE-2018-5711 - Potential infinite loop in gdImageCreateFromGifCtx |
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.5-2 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild |
||||
|
||||
* Wed Aug 30 2017 Remi Collet <remi@fedoraproject.org> - 2.2.5-1 |
||||
- Update to 2.2.5 |
||||
- fix double-free in gdImagePngPtr(). CVE-2017-6362 |
||||
- fix buffer over-read into uninitialized memory. CVE-2017-7890 |
||||
|
||||
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.4-5 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild |
||||
|
||||
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.4-4 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild |
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.4-3 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild |
||||
|
||||
* Wed Feb 01 2017 Sandro Mani <manisandro@gmail.com> - 2.2.4-2 |
||||
- Rebuild (libwebp) |
||||
|
||||
* Wed Jan 18 2017 Remi Collet <remi@fedoraproject.org> - 2.2.4-1 |
||||
- Update to 2.2.4 |
||||
|
||||
* Tue Dec 06 2016 Marek Skalický <mskalick@redhat.com> - 2.2.3-5 |
||||
- Fix invalid read in gdImageCreateFromTiffPtr() ( CVE-2016-6911) |
||||
- Disable tests using freetype in Fedora 26 (freetype > 2.6) |
||||
|
||||
* Mon Dec 05 2016 Marek Skalický <mskalick@redhat.com> - 2.2.3-4 |
||||
- Fix stack based buffer overflow when passing negative `rlen` as size to |
||||
memcpy() (CVE-2016-8670) |
||||
|
||||
* Mon Dec 05 2016 Marek Skalický <mskalick@redhat.com> - 2.2.3-3 |
||||
- Fix possible overflow in gdImageWebpCtx (CVE-2016-7568) |
||||
|
||||
* Tue Jul 26 2016 Dan Horák <dan[at]danny.cz> - 2.2.3-2 |
||||
- apply workaround for rhbz#1359680 |
||||
|
||||
* Fri Jul 22 2016 Remi Collet <remi@fedoraproject.org> - 2.2.3-1 |
||||
- Update to 2.2.3 |
||||
- use -msse -mfpmath=sse build options (x86-32) |
||||
|
||||
* Fri Jun 24 2016 Remi Collet <remi@fedoraproject.org> - 2.2.2-1 |
||||
- Update to 2.2.2 |
||||
|
||||
* Sat May 28 2016 Remi Collet <remi@fedoraproject.org> - 2.2.1-2 |
||||
- remove unneeded sources |
||||
|
||||
* Fri May 27 2016 Marek Skalicky <mskalick@redhat.com> - 2.2.1-1 |
||||
- Upgrade to 2.2.1 release |
||||
- Upstream moved to github.com |
||||
|
||||
* Thu Apr 28 2016 Marek Skalicky <mskalick@redhat.com> - 2.1.1-7 |
||||
- Fixed heap overflow (CVE-2016-3074) |
||||
|
||||
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.1-6 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild |
||||
|
||||
* Tue Dec 1 2015 Tom Callaway <spot@fedoraproject.org> - 2.1.1-5 |
||||
- rebuild for libvpx 1.5.0 |
||||
|
||||
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.1-4 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild |
||||
|
||||
* Mon Apr 6 2015 Tom Callaway <spot@fedoraproject.org> - 2.1.1-3 |
||||
- rebuild for libvpx 1.4.0 |
||||
|
||||
* Mon Mar 23 2015 Remi Collet <remi@fedoraproject.org> - 2.1.1-2 |
||||
- fix version in gdlib.pc |
||||
- fix license handling |
||||
|
||||
* Wed Jan 14 2015 Jozef Mlich <jmlich@redhat.com> - 2.1.1-1 |
||||
- Update to 2.1.1 final |
||||
Resolves: #1181972 |
||||
|
||||
* Thu Jan 08 2015 Jozef Mlich <jmlich@redhat.com> - 2.1.0-8 |
||||
- Resolves: #1076676 CVE-2014-2497 |
||||
Previous patch indroduced memory leak. Using upstream version. |
||||
https://bitbucket.org/libgd/gd-libgd/commits/463c3bd09bfe8e924e19acad7a2a6af16953a704 |
||||
|
||||
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-7 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |
||||
|
||||
* Wed Jul 16 2014 Jozef Mlich <jmlich@redhat.com> - 2.1.0-6 |
||||
- Resolves: #1076676 CVE-2014-2497 |
||||
NULL pointer dereference in gdImageCreateFromXpm() |
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-5 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild |
||||
|
||||
* Mon Dec 23 2013 Peter Robinson <pbrobinson@fedoraproject.org> 2.1.0-4 |
||||
- Fix FTBFS |
||||
|
||||
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-3 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
||||
|
||||
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 2.1.0-2 |
||||
- Perl 5.18 rebuild |
||||
|
||||
* Tue Jun 25 2013 Remi Collet <remi@fedoraproject.org> - 2.1.0-1 |
||||
- update to 2.1.0 final |
||||
|
||||
* Tue Jun 25 2013 Remi Collet <rcollet@redhat.com> - 2.1.0-0.2.725ba9d |
||||
- rebuild for linpng 1.6 |
||||
|
||||
* Tue Jun 11 2013 Remi Collet <rcollet@redhat.com> - 2.1.0-0.1.725ba9d |
||||
- update to 2.1.0 (post RC2 git snapshot) |
||||
|
||||
* Tue Apr 23 2013 Remi Collet <rcollet@redhat.com> - 2.0.35-25 |
||||
- drop uneeded patch |
||||
- really set default font search path |
||||
|
||||
* Mon Mar 25 2013 Honza Horak <hhorak@redhat.com> - 2.0.35-24 |
||||
- Fix build on aarch64 |
||||
|
||||
* Mon Mar 25 2013 Honza Horak <hhorak@redhat.com> - 2.0.35-23 |
||||
- Fix issues found by Coverity |
||||
|
||||
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-22 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild |
||||
|
||||
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 2.0.35-21 |
||||
- rebuild due to "jpeg8-ABI" feature drop |
||||
|
||||
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 2.0.35-20 |
||||
- rebuild against new libjpeg |
||||
|
||||
* Tue Aug 28 2012 Honza Horak <hhorak@redhat.com> - 2.0.35-19 |
||||
- Spec file cleanup |
||||
- Compile and run test suite during build |
||||
- Using chrpath to get rid of --rpath in gd-progs |
||||
|
||||
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-18 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
||||
|
||||
* Mon Jun 11 2012 Honza Horak <hhorak@redhat.com> - 2.0.35-17 |
||||
- fixed CVE-2009-3546 gd: insufficient input validation in _gdGetColors() |
||||
Resolves: #830745 |
||||
|
||||
* Tue Feb 28 2012 Honza Horak <hhorak@redhat.com> - 2.0.35-16 |
||||
- Fixed AALineThick.patch to display vertical lines correctly |
||||
Resolves: #798255 |
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-15 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
||||
|
||||
* Tue Nov 08 2011 Adam Jackson <ajax@redhat.com> 2.0.35-14 |
||||
- Rebuild for libpng 1.5 |
||||
|
||||
* Wed Oct 26 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-13 |
||||
- Rebuilt for glibc bug#747377 |
||||
|
||||
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-12 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild |
||||
|
||||
* Wed Jan 6 2010 Jiri Moskovcak <jmoskovc@redhat.com> - 2.0.35-11 |
||||
- more spec file fixes |
||||
|
||||
* Wed Jan 6 2010 Jiri Moskovcak <jmoskovc@redhat.com> - 2.0.35-10 |
||||
- spec file fixes based on merge review |
||||
|
||||
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-9 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
||||
|
||||
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.35-8 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
||||
|
||||
* Tue Jan 6 2009 Ivana Varekova <varekova@redhat.com> - 2.0.35-7 |
||||
- do minor spec file cleanup |
||||
|
||||
* Mon Jul 21 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 2.0.35-6 |
||||
- fix license tag (nothing in this is GPL) |
||||
|
||||
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 2.0.35-5 |
||||
- Autorebuild for GCC 4.3 |
||||
|
||||
* Tue Nov 20 2007 Ivana Varekova <varekova@redhat.com> 2.0.35-4 |
||||
- remove static library |
||||
|
||||
* Mon Nov 19 2007 Ivana Varekova <varekova@redhat.com> 2.0.35-3 |
||||
- spec file cleanup |
||||
|
||||
* Mon Nov 19 2007 Ivana Varekova <varekova@redhat.com> 2.0.35-2 |
||||
- fix gdlib.pc file |
||||
|
||||
* Tue Sep 18 2007 Ivana Varekova <varekova@redhat.com> 2.0.35-1 |
||||
- update to 2.0.35 |
||||
|
||||
* Tue Sep 4 2007 Ivana Varekova <varekova@redhat.com> 2.0.34-3 |
||||
- fix font paths (#225786#5) |
||||
- fix pkgconfig Libs flag (#225786#4) |
||||
|
||||
* Thu Feb 22 2007 Ivana Varekova <varekova@redhat.com> 2.0.34-2 |
||||
- incorporate package review feedback |
||||
|
||||
* Thu Feb 8 2007 Ivana Varekova <varekova@redhat.com> 2.0.34-1 |
||||
- update to 2.0.34 |
||||
|
||||
* Mon Jan 29 2007 Ivana Varekova <varekova@redhat.com> 2.0.33-12 |
||||
- Resolves: #224610 |
||||
CVE-2007-0455 gd buffer overrun |
||||
|
||||
* Tue Nov 21 2006 Ivana Varekova <varekova@redhat.com> 2.0.33-11 |
||||
- Fix problem with to large box boundaries |
||||
Resolves: #197747 |
||||
|
||||
* Thu Nov 16 2006 Ivana Varekova <varekova@redhat.com> 2.0.33-10 |
||||
- added 'thick' - variable support for AA line (#198042) |
||||
|
||||
* Tue Oct 31 2006 Adam Tkac <atkac@redhat.com> 2.0.33-9.4 |
||||
- patched some additionals overflows in gd (#175414) |
||||
|
||||
* Wed Sep 13 2006 Jitka Kudrnacova <jkudrnac@redhat.com> - 2.0.33 - 9.3 |
||||
- gd-devel now requires fontconfig-devel (#205834) |
||||
|
||||
* Wed Jul 19 2006 Jitka Kudrnacova <jkudrnac@redhat.com> - 2.0.33 - 9.2 |
||||
- use CFLAGS on sparc64 (#199363) |
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.0.33 - 9.1 |
||||
- rebuild |
||||
|
||||
* Mon Jul 10 2006 Jitka Kudrnacova <jkudrnac@redhat.com> 2.0.33-9 |
||||
- prevent from an infinite loop when decoding bad GIF images (#194520) |
||||
|
||||
* Thu May 25 2006 Ivana Varekova <varekova@redhat.com> - 2.0.33-7 |
||||
- fix multilib problem (add pkgconfig) |
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.0.33-6.2 |
||||
- bump again for double-long bug on ppc(64) |
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.0.33-6.1 |
||||
- rebuilt for new gcc4.1 snapshot and glibc changes |
||||
|
||||
* Fri Jan 20 2006 Phil Knirsch <pknirsch@redhat.com> 2.0.33-6 |
||||
- Included a few more overflow checks (#177907) |
||||
|
||||
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Wed Nov 02 2005 Phil Knirsch <pknirsch@redhat.com> 2.0.33-5 |
||||
- Switched BuildPreReqs and Requires to modular xorg-x11 style |
||||
|
||||
* Mon Oct 10 2005 Phil Knirsch <pknirsch@redhat.com> 2.0.33-4 |
||||
- Fixed possible gd crash when drawing AA line near image borders (#167843) |
||||
|
||||
* Wed Sep 07 2005 Phil Knirsch <pknirsch@redhat.com> 2.0.33-3 |
||||
- Fixed broken freetype-config --libs flags in configure (#165875) |
||||
|
||||
* Sun Apr 17 2005 Warren Togami <wtogami@redhat.com> 2.0.33-2 |
||||
- devel reqs (#155183 thias) |
||||
|
||||
* Tue Mar 22 2005 Than Ngo <than@redhat.com> 2.0.33-1 |
||||
- 2.0.33 #150717 |
||||
- apply the patch from Jose Pedro Oliveira |
||||
- Added the release macro to the subpackages requirements versioning |
||||
- Handled the gdlib-config movement to gd-devel in a differment manner |
||||
- Added fontconfig-devel to the build requirements |
||||
- Added xorg-x11-devel to the build requirements (Xpm) |
||||
- Removed explicit /sbin/ldconfig requirement (gd rpm) |
||||
- Removed explicit perl requirement (gd-progs rpm) |
||||
- Added several missing documentation files (including the license file) |
||||
- Replaced %%makeinstall by make install DESTDIR=... |
||||
|
||||
* Thu Mar 10 2005 Than Ngo <than@redhat.com> 2.0.32-3 |
||||
- move gdlib-config in devel |
||||
|
||||
* Wed Mar 02 2005 Phil Knirsch <pknirsch@redhat.com> 2.0.32-2 |
||||
- bump release and rebuild with gcc 4 |
||||
|
||||
* Wed Nov 03 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.32-1 |
||||
- Update to 2.0.32 which includes all the security fixes |
||||
|
||||
* Wed Oct 27 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.28-2 |
||||
- Fixed several buffer overflows for gdMalloc() calls |
||||
|
||||
* Tue Jul 27 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.28-1 |
||||
- Update to 2.0.28 |
||||
|
||||
* Fri Jul 02 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.27-1 |
||||
- Updated to 2.0.27 due to: |
||||
o Potential memory overruns in gdImageFilledPolygon. Thanks to John Ellson. |
||||
o The sign of Y-axis values returned in the bounding box by gdImageStringFT |
||||
was incorrect. Thanks to John Ellson and Riccardo Cohen. |
||||
|
||||
* Wed Jun 30 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.26-1 |
||||
- Update to 2.0.26 |
||||
|
||||
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Wed Apr 21 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.21-3 |
||||
- Disable rpath usage. |
||||
|
||||
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Mon Feb 02 2004 Phil Knirsch <pknirsch@redhat.com> 2.0.21-1 |
||||
- Updated to 2.0.21 |
||||
|
||||
* Tue Aug 12 2003 Florian La Roche <Florian.LaRoche@redhat.de> |
||||
- update to 2.0.15 |
||||
|
||||
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Tue May 06 2003 Phil Knirsch <pknirsch@redhat.com> 2.0.12-1 |
||||
- Update to 2.0.12 |
||||
|
||||
* Wed Jan 22 2003 Tim Powers <timp@redhat.com> 1.8.4-11 |
||||
- rebuilt |
||||
|
||||
* Wed Dec 11 2002 Tim Powers <timp@redhat.com> 1.8.4-10 |
||||
- rebuild on all arches |
||||
|
||||
* Fri Jun 21 2002 Tim Powers <timp@redhat.com> |
||||
- automated rebuild |
||||
|
||||
* Thu May 23 2002 Tim Powers <timp@redhat.com> |
||||
- automated rebuild |
||||
|
||||
* Thu Jan 24 2002 Phil Knirsch <pknirsch@redhat.com> |
||||
- Specfile update to add URL for homepage (#54608) |
||||
|
||||
* Wed Jan 09 2002 Tim Powers <timp@redhat.com> |
||||
- automated rebuild |
||||
|
||||
* Wed Oct 31 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.8.4-5 |
||||
- Rebuild with current libpng |
||||
|
||||
* Mon Aug 13 2001 Philipp Knirsch <pknirsch@redhat.de> 1.8.4-4 |
||||
- Fixed a wrong double ownership of libgd.so (#51599). |
||||
|
||||
* Fri Jul 20 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.8.4-3 |
||||
- There's really no reason to link against both freetype 1.x and 2.x, |
||||
especially when gd is configured to use just freetype 2.x. ;) |
||||
|
||||
* Mon Jun 25 2001 Philipp Knirsch <pknirsch@redhat.de> |
||||
- Forgot to include the freetype library in the shared library linking. Fixed. |
||||
|
||||
* Thu Jun 21 2001 Philipp Knirsch <pknirsch@redhat.de> |
||||
- Update to 1.8.4 |
||||
|
||||
* Tue Dec 19 2000 Philipp Knirsch <pknirsch@redhat.de> |
||||
- Updates the descriptions to get rid of al references to gif |
||||
|
||||
* Tue Dec 12 2000 Philipp Knirsch <Philipp.Knirsch@redhat.de> |
||||
- Fixed bug #22001 where during installation the .so.1 and the so.1.8 links |
||||
didn't get installed and therefore updates had problems. |
||||
|
||||
* Wed Oct 4 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- define HAVE_LIBTTF to actually enable ttf support (oops, #18299) |
||||
- remove explicit dependencies on libpng, libjpeg, et. al. |
||||
- add BuildPrereq: freetype-devel |
||||
|
||||
* Wed Aug 2 2000 Matt Wilson <msw@redhat.com> |
||||
- rebuilt against new libpng |
||||
|
||||
* Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- add %%postun run of ldconfig (#14915) |
||||
|
||||
* Thu Jul 13 2000 Prospector <bugzilla@redhat.com> |
||||
- automatic rebuild |
||||
|
||||
* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- update to 1.8.3 |
||||
|
||||
* Sun Jun 4 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- rebuild in new environment |
||||
|
||||
* Mon May 22 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- break out a -progs subpackage |
||||
- disable freetype support |
||||
|
||||
* Fri May 19 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- update to latest version (1.8.2) |
||||
- disable xpm support |
||||
|
||||
* Thu Feb 03 2000 Nalin Dahyabhai <nalin@redhat.com> |
||||
- auto rebuild in the new build environment (release 6) |
||||
|
||||
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> |
||||
- auto rebuild in the new build environment (release 5) |
||||
|
||||
* Thu Dec 17 1998 Cristian Gafton <gafton@redhat.com> |
||||
- buiuld for glibc 2.1 |
||||
|
||||
* Fri Sep 11 1998 Cristian Gafton <gafton@redhat.com> |
||||
- built for 5.2 |
Loading…
Reference in new issue