--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-e795f92d79
2020-03-31 00:15:07.171396
--------------------------------------------------------------------------------
Name : gd
Product : Fedora 32
Version : 2.3.0
Release : 1.fc32
URL :
http://libgd.github.io/
Summary : A graphics library for quick creation of PNG or JPEG images
Description :
The gd graphics library allows your code to quickly draw images
complete with lines, arcs, text, multiple colors, cut and paste from
other images, and flood fills, and to write out the result as a PNG or
JPEG file. This is particularly useful in Web applications, where PNG
and JPEG are two of the formats accepted for inline images by most
browsers. Note that gd is not a paint program.
--------------------------------------------------------------------------------
Update Information:
**Version 2.3.0** - 2020-03-22 **Security** - Potential double-free in
gdImage*Ptr(). (CVE-2019-6978) - gdImageColorMatch() out of bounds write on
heap. (CVE-2019-6977) - Uninitialized read in gdImageCreateFromXbm().
(CVE-2019-11038) - Double-free in gdImageBmp. (CVE-2018-1000222) - Potential
NULL pointer dereference in gdImageClone(). (CVE-2018-14553) - Potential
infinite loop in gdImageCreateFromGifCtx(). (CVE-2018-5711) **Fixed** * Fix
#597: add codecov support - Fix #596: gdTransformAffineCopy run error - Fix
#589: Install dependencies move to .travis.yml - Fix #586:
gdTransformAffineCopy() segfaults on palette images - Fix #585:
gdTransformAffineCopy() changes interpolation method - Fix #584:
gdImageSetInterpolationMethod(im, GD_DEFAULT) inconsistent - Fix #583:
gdTransformAffineCopy() may use unitialized values - Fix #533: Remove cmake
modules - Fix #539: Add RAQM support for cmake - Fix #499: gdImageGifAnimAddPtr:
heap corruption with 2 identical images - Fix #486: gdImageCropAuto(���,
GD_CROP_SIDES) crops left but not right - Fix #485: auto cropping has
insufficient precision - Fix #479: Provide a suitable malloc function to liq -
Fix #474: libtiff link returns 404 HTTP code - Fix #450: Failed to open 1 bit
per pixel bitmap - Fix #440: new_width & new_height exception handling - Fix
#432: gdImageCrop neglecting transparency - Fix #420: Potential infinite loop in
gdImageCreateFromGifCtx - Fix #411: gd_gd.c format documentation appears to be
incorrect - Fix #369: Fix new_a init error in gdImageConvolution() - Fix #351:
gdImageFilledArc() doesn't properly draw pies - Fix #338: Fatal and normal
libjpeg/libpng errors not distinguishable - Fix #169: Update var type to hold
bigger w&h for ellipse - Fix #164: update doc files install directory in
CMakeLists.txt - Correct some test depend errors - Update cmake min version to
3.7 - Delete libimagequant source code download action in CMakeLists.txt -
Improve msys support - Fix some logic error in CMakeLists.txt - Remove the
following macro: HAVE_STDLIB_H, HAVE_STRING_H, HAVE_STDDEF_H, HAVE_LIMITS_H,
HAVE_ERRNO_H, AC_C_CONST ----- **Notice:** * fix for CVE-2018-5711,
CVE-2018-1000222, CVE-2019-6977, CVE-2019-6978, and CVE-2018-14553 were already
applied in previous packages. * gdlib-config command have been dropped
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 24 2020 Remi Collet <remi(a)remirepo.net> - 2.3.0-1
- update to 2.3.0
- add dependency on libraqm
- remove gdlib-config
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-e795f92d79' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------