deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gd: security bump to version 2.2.4 

Fixes:
CVE-2016-9317 - gdImageCreate() doesn't check for oversized images and
as such is prone to DoS vulnerabilities.
CVE-2016-6912 - double-free in gdImageWebPtr()
(without CVE):
Potential unsigned underflow in gd_interpolation.c
DOS vulnerability in gdImageCreateFromGd2Ctx()
Signed Integer Overflow gd_io.c

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017.02.x
Gustavo Zacarias 2017-01-19 10:44:51 -03:00 committed by Peter Korsgaard
parent d06e23e79a
commit 39885cc5b0
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/gd/gd.hash
View File

@ -1,2 +1,2 @@
# Locally calculated
sha256 746b6cbd6769a22ff3ba6f5756f3512a769bd4cdf4695dff17f4867f25fa7d3c libgd-2.2.3.tar.xz
sha256 137f13a7eb93ce72e32ccd7cebdab6874f8cf7ddf31d3a455a68e016ecd9e4e6 libgd-2.2.4.tar.xz

2
package/gd/gd.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
GD_VERSION = 2.2.3
GD_VERSION = 2.2.4
GD_SOURCE = libgd-$(GD_VERSION).tar.xz
GD_SITE = https://github.com/libgd/libgd/releases/download/gd-$(GD_VERSION)
GD_INSTALL_STAGING = YES