godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-05 14:09:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

gd: security bump to version 2.2.5

Browse Source 
Fixes the following security issues:

CVE-2017-6362: Double-free in gdImagePngPtr()
CVE-2017-7890: Buffer over-read into uninitialized memory

Drop patches no more needed:

0001-gdlib-config.patch: @LIBICONV@ is nowadays correct AC_SUBST'ed by
configure

0002-gd_bmp-fix-build-with-uClibc.patch: upstream uses ceil() since
6913dd3cd2

While we're at it, add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard
2017-09-07 16:45:51 +02:00
parent f396d1310b
commit 3b85d24c1d
4 changed files with 3 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
package/gd/gd.hash
View File

@@ -1,2 +1,3 @@
# Locally calculated
sha256 137f13a7eb93ce72e32ccd7cebdab6874f8cf7ddf31d3a455a68e016ecd9e4e6 libgd-2.2.4.tar.xz
sha256 8c302ccbf467faec732f0741a859eef4ecae22fea2d2ab87467be940842bde51 libgd-2.2.5.tar.xz
sha256 d02dae2141d49b8a6b09b2b73e68a8f17d7bbeaaf02b3b841ee11fea2d9e328d COPYING