mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-19 19:59:43 +00:00
graphics/gd: Update from 2.2.4 to 2.2.5
This update fixes 2 security issues: - Double-free in gdImagePngPtr(). (CVE-2017-6362) - Buffer over-read into uninitialized memory. (CVE-2017-7890) Full Changelog: https://github.com/libgd/libgd/blob/gd-2.2.5/CHANGELOG.md PR: 229707 Submitted by: Mikhail Teterin <mi@FreeBSD.org> Approved by: maintainer timeout (dinoex, 2 weeks) MFH: 2018Q3 Security: CVE-2017-6362 Security: CVE-2017-7890
This commit is contained in:
parent
340709b56a
commit
815cbdfa64
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=475415
@ -2,8 +2,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= libgd
|
||||
PORTVERSION= 2.2.4
|
||||
PORTREVISION= 1
|
||||
PORTVERSION= 2.2.5
|
||||
PORTEPOCH= 1
|
||||
CATEGORIES+= graphics
|
||||
MASTER_SITES= https://github.com/${PORTNAME}/${PORTNAME}/releases/download/gd-${PORTVERSION}/
|
||||
@ -24,6 +23,7 @@ USES= tar:xz pkgconfig pathfix libtool:keepla shebangfix jpeg
|
||||
SHEBANG_FILES= ${WRKSRC}/src/bdftogd
|
||||
GNU_CONFIGURE= yes
|
||||
USE_LDCONFIG= yes
|
||||
TEST_TARGET= check
|
||||
|
||||
OPTIONS_DEFINE= FONTCONFIG ICONV XPM WEBP
|
||||
OPTIONS_DEFAULT=FONTCONFIG WEBP
|
||||
@ -90,6 +90,6 @@ pre-build:
|
||||
post-install:
|
||||
${INSTALL_DATA} ${WRKSRC}/src/gdhelpers.h \
|
||||
${STAGEDIR}${PREFIX}/include/
|
||||
${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libgd.so.6.0.4
|
||||
${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libgd.so.6*
|
||||
|
||||
.include <bsd.port.mk>
|
||||
|
@ -1,3 +1,3 @@
|
||||
TIMESTAMP = 1485463341
|
||||
SHA256 (libgd-2.2.4.tar.xz) = 137f13a7eb93ce72e32ccd7cebdab6874f8cf7ddf31d3a455a68e016ecd9e4e6
|
||||
SIZE (libgd-2.2.4.tar.xz) = 2478528
|
||||
TIMESTAMP = 1531337629
|
||||
SHA256 (libgd-2.2.5.tar.xz) = 8c302ccbf467faec732f0741a859eef4ecae22fea2d2ab87467be940842bde51
|
||||
SIZE (libgd-2.2.5.tar.xz) = 2594092
|
||||
|
34
graphics/gd/files/patch-gd_gif_in.c
Normal file
34
graphics/gd/files/patch-gd_gif_in.c
Normal file
@ -0,0 +1,34 @@
|
||||
See:
|
||||
|
||||
https://bugs.php.net/bug.php?id=75571
|
||||
|
||||
--- src/gd_gif_in.c 2017-08-30 07:05:54.000000000 -0400
|
||||
+++ src/gd_gif_in.c 2018-07-11 15:39:11.746181000 -0400
|
||||
@@ -336,9 +336,4 @@
|
||||
}
|
||||
|
||||
- if(!im->colorsTotal) {
|
||||
- gdImageDestroy(im);
|
||||
- return 0;
|
||||
- }
|
||||
-
|
||||
/* Check for open colors at the end, so
|
||||
* we can reduce colorsTotal and ultimately
|
||||
@@ -352,4 +347,9 @@
|
||||
}
|
||||
|
||||
+ if(!im->colorsTotal) {
|
||||
+ gdImageDestroy(im);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
return im;
|
||||
}
|
||||
@@ -447,6 +447,5 @@
|
||||
GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroDataBlockP)
|
||||
{
|
||||
- int i, j, ret;
|
||||
- unsigned char count;
|
||||
+ int i, j, ret, count;
|
||||
|
||||
if(flag) {
|
@ -29,5 +29,5 @@ lib/libgd.a
|
||||
lib/libgd.la
|
||||
lib/libgd.so
|
||||
lib/libgd.so.6
|
||||
lib/libgd.so.6.0.4
|
||||
lib/libgd.so.6.0.5
|
||||
libdata/pkgconfig/gdlib.pc
|
||||
|
Loading…
Reference in New Issue
Block a user