[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libgd security update

From: Leo Famulari
Subject: libgd security update
Date: Fri, 15 Jul 2016 16:32:12 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

Several security vulnerabilities in libgd have been discovered recently,
and today Debian issued a security update:

The first patch updates libgd to the latest release, 2.2.2, fixing some
of the bugs.

For the remaining bugs, I've taken patches from the master branch of the
libgd Git repo.

Two of the patches included binary files to be used in tests, which
`patch` cannot handle, so I've removed those parts of the patches.

This patch series was not trivial to create; removing the binary diffs
required some care, some of the patches depended on changes associated
with the removed binary diffs, and some upstream fixes were reverted and
re-committed with changes. Will someone double-check this patch series
for mistakes?

Attachment: 0001-gnu-gd-Update-to-2.2.2-fixes-CVE-2016-5767-6161.patch
Description: Text Data

Attachment: 0002-gnu-gd-Fix-CVE-2016-5766-6128-6132-6214.patch
Description: Text Data

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]