[ubuntu/artful-proposed] libgd2 2.2.4-2ubuntu1 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Mon Aug 14 18:36:15 UTC 2017 

libgd2 (2.2.4-2ubuntu1) artful; urgency=medium

  * SECURITY UPDATE: memory read vulnerability in GIF
    - debian/patches/CVE-2017-7890.patch: zeroing buffers to avoid
      information leak and adding test in src/gd_gif_in.c,
      tests/gif/CMakeLists.txt, tests/gif/MakeModule.am,
      tests/gif/uninitialized_memory_read.c,
      tests/gif/unitialized_memory_read.gif.
    - CVE-2017-7890
  * Fixing test fail for freetype 2.7
    - debian/patches/fix-test-fails-freetype2_7.patch: disable
      subpixel hinting in tests/freetype/bug00132.c,
      tests/gdimagestringft/gdimagestrinft_bbox.c

Date: Thu, 10 Aug 2017 14:17:46 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libgd2/2.2.4-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 10 Aug 2017 14:17:46 -0300
Source: libgd2
Binary: libgd-tools libgd-dev libgd3
Architecture: source
Version: 2.2.4-2ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
 libgd-dev  - GD Graphics Library (development version)
 libgd-tools - GD command line tools and example code
 libgd3     - GD Graphics Library
Changes:
 libgd2 (2.2.4-2ubuntu1) artful; urgency=medium
 .
   * SECURITY UPDATE: memory read vulnerability in GIF
     - debian/patches/CVE-2017-7890.patch: zeroing buffers to avoid
       information leak and adding test in src/gd_gif_in.c,
       tests/gif/CMakeLists.txt, tests/gif/MakeModule.am,
       tests/gif/uninitialized_memory_read.c,
       tests/gif/unitialized_memory_read.gif.
     - CVE-2017-7890
   * Fixing test fail for freetype 2.7
     - debian/patches/fix-test-fails-freetype2_7.patch: disable
       subpixel hinting in tests/freetype/bug00132.c,
       tests/gdimagestringft/gdimagestrinft_bbox.c
Checksums-Sha1:
 972cedbaaf0a7511d191c31fbc97c1064debbed9 2256 libgd2_2.2.4-2ubuntu1.dsc
 38cc094c393bd2e126c3c68e984fe1391e87fd85 38228 libgd2_2.2.4-2ubuntu1.debian.tar.xz
 e1f0d6c0a5449f248643b3da414476b08b7e35ae 7085 libgd2_2.2.4-2ubuntu1_source.buildinfo
Checksums-Sha256:
 1fc0f8aec8e8f22ccbb743fb88fd3f078300bbde26c6fd0e0ff851423eef52d3 2256 libgd2_2.2.4-2ubuntu1.dsc
 85298f7d3e0877a9d980939a6570c3c3dbc3058ff8006fb2918f01090c7dd79b 38228 libgd2_2.2.4-2ubuntu1.debian.tar.xz
 4ff11fee99b4c1816f72edafe3bccef6fbbbc9f4d6bec01e5c9181e46f4382d8 7085 libgd2_2.2.4-2ubuntu1_source.buildinfo
Files:
 e555658a096f8f94fa1003777a2aa15e 2256 graphics optional libgd2_2.2.4-2ubuntu1.dsc
 9eda879167c19f9edd2b0572ee4aaa38 38228 graphics optional libgd2_2.2.4-2ubuntu1.debian.tar.xz
 132875d9f334b8e1aefd3f487a9bee5c 7085 graphics optional libgd2_2.2.4-2ubuntu1_source.buildinfo
Original-Maintainer: GD team <pkg-gd-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJZkeusAAoJEGVp2FWnRL6THpYP/0M555eAt+Ycoyv8fWn4tDV0
XUGdxmvV9b9Lz3sNOzNfdDaXpqWPgeOGp8wkP1G11Eg+p/37G8UbvsOx5s8Cz6EI
FWa624Id/VBDuG3+UlOrvNIBHb8YQ72x3DQYHAdMkXggdzcHYBO6YifpWfUxy0sl
az9+p+01/wile7olO1NhnSp9BI/AYvTjRexBUuffgodKFVjCzMpEBy/jbl/jbPyo
ttgAYY2LYOzgW89I4oimIIplBoGs5aKm13FEZqQ0LSGPuB84BfNH07RCfloyxcv1
QpuppBQDHerCRFAzwOny0U+VF92h0D1+f+0xamlO49wuprr9AOl7pcA3nsTG/C6A
uKzpeIVv2ZYU7qakWs0PrHoDMa+aOVX+KkOtx/hVEZoCJuDjy5fw3flUnDTiGGKC
fYBUoRzyJjILBE24Njm0brKmtYnDdUi7jRCJJMGTRRE+LVlSO0mNQZJRRjk3tZMj
4Q0jPfDwMk8c+I88cpWGkE803wgpCc9KG3jIXjSku888F5uSq+0KxptSiEw0bxP3
ytPmakbrhj5K0gw++qaFVzGLnyRtv1ZcJP/cWvXsqIAtIzAcF35SCXdFPFN3YtbJ
qrm/81AgfhQQwbvXzKEqkz3nsXi4QTE8UFtb2i5O2YL2FmoXLoC0V1pu4b7SVROU
s5AB+C7GnnZmICVkNJIg
=L+sM
-----END PGP SIGNATURE-----

More information about the Artful-changes mailing list