guix-devel

libgd security update / i686 issues


From: Leo Famulari
Subject: libgd security update / i686 issues
Date: Thu, 28 Jul 2016 03:23:37 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

libgd 2.2.3 has been released [0], which includes fixes for
CVE-2016-6207.

I built it on x86_64, and also cross-built to i686-linux. The 32-bit rounding
issue that Mark fixed with commit 27326064 was reported upstream [1],
and the suggested workaround is to add "-msse -mfpmath=sse" to CFLAGS
[2].

Having removed Mark's patch, I can cross-build to i686-linux using those
flags. The patch has gone stale with the 2.2.3 release:

---
gdimagerotate/bug00067.c: In function ‘main’:
gdimagerotate/bug00067.c:11:14: error: unused variable ‘filename’ [-Werror=unused-variable]
  char *path, filename[2048];
              ^
gdimagerotate/bug00067.c:11:8: error: unused variable ‘path’ [-Werror=unused-variable]
  char *path, filename[2048];
        ^
cc1: all warnings being treated as errors
Makefile:3120: recipe for target 'gdimagerotate/bug00067.o' failed
---

Should these CFLAGS values be applied unconditionally, as in the
attached patch, or should they be applied only while building on or for
specific architectures? Or something else?

[0]
https://github.com/libgd/libgd/releases/tag/gd-2.2.3

[1]
https://github.com/libgd/libgd/issues/242

[2]
https://github.com/libgd/libgd/commit/62ecc651e7780add5e4035bfc0e6cd060e90f6a9

Attachment: 0001-gnu-gd-Update-to-2.2.3.patch
Description: Text Data

