The LibGD team is proud to announce the 2.2.5 release of libgd.
Security related fixes:
- Double-free in gdImagePngPtr(). (CVE-2017-6362)
- Buffer over-read into uninitialized memory. (CVE-2017-7890)
For full list of changes, see CHANGELOG.md.
This is a recommended update.
You can download the 2.2.5 version of GD Graphics Library from the libgd project.
Check out the full commits list since the previous release.