Package "libgd-dev"
Name: |
libgd-dev
|
Description: |
GD Graphics Library (development version)
|
Latest version: |
2.2.5-4ubuntu0.5 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Head package: |
libgd2 |
Homepage: |
http://www.libgd.org/ |
Links
Download "libgd-dev"
Other versions of "libgd-dev" in Bionic
Changelog
libgd2 (2.2.5-4ubuntu0.5) bionic-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2017-6363-*.patch: make sure transparent
palette index is within bounds in src/gd_gd.c and add tests in
tests/gd/bug00383.c, tests/gd/CMakeLists.txt, tests/gd/Makemodule.am,
tests/gd2/bug00383.c, tests/gd2/CMakeLists.txt, test/gd2/Makemodule.am.
- CVE-2017-6363
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2021-38115.patch: fix a read out-of-bounds in
reading tga header file in src/gd_tga.c.
- CVE-2021-38115
* SECURITY UPDATE: Double free
- debian/patches/CVE-2021-40145.patch: fix a memory leak in
src/gd_gd2.c.
- CVE-2021-40145
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 30 Aug 2021 16:10:11 -0300
|
Source diff to previous version |
CVE-2017-6363 |
** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the ven |
CVE-2021-38115 |
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds |
CVE-2021-40145 |
** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The |
|
libgd2 (2.2.5-4ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference in gdImageClone allows attackers
to crash an application via a specific function call sequence
- debian/patches/CVE-2018-14553.patch: remove manual style copy from
src/gd.c and appropriately set stylePos in tests/gdimageclone/style.c.
- CVE-2018-14553
* SECURITY UPDATE: possible read of uninitialized variable in
gdImageCreateFromXbm()
- debian/patches/CVE-2019-11038.patch: error out if sscanf() doesn't receive
input in src/gd_xbm.c.
- debian/patches/CVE-2019-11038-test.patch: add a test for
CVE-2019-11038.patch
- CVE-2019-11038
-- Avital Ostromich <email address hidden> Mon, 09 Mar 2020 14:43:33 -0400
|
Source diff to previous version |
CVE-2018-14553 |
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific functi |
CVE-2019-11038 |
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x be |
|
libgd2 (2.2.5-4ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: buffer overflow in gdImageColorMatch
- debian/patches/CVE-2019-6977.patch: use gdMaxColors in
src/gd_color_match.c.
- CVE-2019-6977
* SECURITY UPDATE: double-free in gdImage*Ptr() functions
- debian/patches/CVE-2019-6978.patch: properly handle failure in
src/gd_gif_out.c, src/gd_jpeg.c, src/gd_wbmp.c, add test to
tests/jpeg/CMakeLists.txt, tests/jpeg/Makemodule.am,
tests/jpeg/jpeg_ptr_double_free.c.
- CVE-2019-6978
-- Marc Deslauriers <email address hidden> Wed, 27 Feb 2019 14:31:55 -0500
|
Source diff to previous version |
CVE-2019-6977 |
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x |
CVE-2019-6978 |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is un |
|
libgd2 (2.2.5-4ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Double free
- debian/patches/CVE-2018-1000222.patch: fix in
src/gd_bmp.c.
- CVE-2018-1000222
* SECURITY UPDATE: Infinite loop
- debian/patches/CVE-2018-5711.patch: fix in
src/gd_gif_in.c.
- CVE-2018-5711
-- <email address hidden> (Leonidas S. Barbosa) Thu, 23 Aug 2018 12:15:43 -0300
|
CVE-2018-1000222 |
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This atta |
CVE-2018-5711 |
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, h |
|
About
-
Send Feedback to @ubuntu_updates