FEDORA-2017-2717b02630 created by remi 2 years ago for Fedora 24
stable

Version 2.2.4 - 2017-01-18

Security

  • gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317)
  • double-free in gdImageWebPtr() (CVE-2016-6912)
  • potential unsigned underflow in gd_interpolation.c
  • DOS vulnerability in gdImageCreateFromGd2Ctx()

Fixed

  • Fix #354: Signed Integer Overflow gd_io.c
  • Fix #340: System frozen
  • Fix OOB reads of the TGA decompression buffer
  • Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
  • Fix potential unsigned underflow
  • Fix double-free in gdImageWebPtr()
  • Fix invalid read in gdImageCreateFromTiffPtr()
  • Fix OOB reads of the TGA decompression buffer
  • Fix #68: gif: buffer underflow reported by AddressSanitizer
  • Avoid potentially dangerous signed to unsigned conversion
  • Fix #304: test suite failure in gif/bug00006 [2.2.3]
  • Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border
  • Fix #330: Integer overflow in gdImageScaleBilinearPalette()
  • Fix 321: Null pointer dereferences in gdImageRotateInterpolated
  • Fix whitespace and add missing comment block
  • Fix #319: gdImageRotateInterpolated can have wrong background color
  • Fix color quantization documentation
  • Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
  • Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag
  • Fix #300: gdImageClone() assigns res_y = res_x
  • Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness()
  • Replace GNU old-style field designators with C89 compatible initializers
  • Fix #297: gdImageCrop() converts palette image to truecolor image
  • Fix #290: TGA RLE decoding is broken
  • Fix unnecessary non NULL checks
  • Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files
  • Fix #280: gdImageWebpEx() quantization parameter is a misnomer
  • Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx()
  • Fix issue #276: Sometimes pixels are missing when storing images as BMPs
  • Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts
  • Fix copy&paste error in gdImageScaleBicubicFixed()

Added

  • More documentation
  • Documentation on GD and GD2 formats
  • More tests

How to install

sudo dnf upgrade --advisory=FEDORA-2017-2717b02630
This update has been submitted for testing by remi. 2 years ago
User Icon hreindl commented & provided feedback 2 years ago
karma

works for me with php 7.0/7.1 (own php builds)

This update has been pushed to testing. 2 years ago
User Icon filiperosset commented & provided feedback 2 years ago
karma

no regressions noted

This update has been submitted for stable by bodhi. 2 years ago
User Icon jonathancalloway commented & provided feedback 2 years ago
karma

No errors in dmesg or boot log after reboot

This update has been pushed to stable. 2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago

Automated Test Results