libgd security update

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libgd security update

From:	Leo Famulari
Subject:	libgd security update
Date:	Fri, 15 Jul 2016 16:32:12 -0400
User-agent:	Mutt/1.6.0 (2016-04-01)

Several security vulnerabilities in libgd have been discovered recently,
and today Debian issued a security update:
https://lists.debian.org/debian-security-announce/2016/msg00197.html

The first patch updates libgd to the latest release, 2.2.2, fixing some
of the bugs.

For the remaining bugs, I've taken patches from the master branch of the
libgd Git repo.

Two of the patches included binary files to be used in tests, which
`patch` cannot handle, so I've removed those parts of the patches.

This patch series was not trivial to create; removing the binary diffs
required some care, some of the patches depended on changes associated
with the removed binary diffs, and some upstream fixes were reverted and
re-committed with changes. Will someone double-check this patch series
for mistakes?

0001-gnu-gd-Update-to-2.2.2-fixes-CVE-2016-5767-6161.patch
Description: Text Data

0002-gnu-gd-Fix-CVE-2016-5766-6128-6132-6214.patch
Description: Text Data

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

libgd security update, Leo Famulari <=
- Re: libgd security update, Ludovic Courtès, 2016/07/16
  - Re: libgd security update, Leo Famulari, 2016/07/16

Prev by Date: Re: [PATCH] gnu: Add mono.
Next by Date: [PATCH v2] gnu: Add encfs.
Previous by thread: [PATCH] gnu: Add mono.
Next by thread: Re: libgd security update
Index(es):
- Date
- Thread