projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4ad7707) | patch
gd: security bump to version 2.2.2
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Sun, 26 Jun 2016 20:54:11 +0000 (17:54 -0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sun, 26 Jun 2016 20:59:36 +0000 (22:59 +0200)
commitecc43a771ad82f369d2dccb3d2d4586250828e6e
tree043e3dec72f0dde9977fd508e01b9ffb19e66c07tree
parent4ad77070286aea7844a9b8df1c20a64fc3d9e318commit | diff
gd: security bump to version 2.2.2

Drop upstreamed patches.
Drop autoreconf since it's no longer required.
Patch 0002-no-zlib.patch is no longer required, and is in fact harmful.
Update homepage URL.

Fixes:
CVE-2015-8874 - #215 Stack overflow with gdImageFillToBorder
CVE-2016-3074 - gd2: handle corrupt images better
CVE-2016-5767 - Integer Overflow in gdImagePaletteToTrueColor()
resulting in heap overflow

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/gd/0002-gd_bmp-fix-build-with-uClibc.patch [new file with mode: 0644] blob
package/gd/0002-no-zlib.patch [deleted file] blob | history
package/gd/0003-gd_bmp-fix-build-with-uClibc.patch [deleted file] blob | history
package/gd/0004-webp-pre.patch [deleted file] blob | history
package/gd/0005-webp.patch [deleted file] blob | history
package/gd/Config.in diff | blob | history
package/gd/gd.hash diff | blob | history
package/gd/gd.mk diff | blob | history