Other articles


  1. LibGD 2.3.1 release

    The LibGD team is proud to announce the 2.3.1 release of libgd.

    Fixes:

    • Fix potential integer overflow detected by oss-fuzz
    • Fix #615 using libraqm
    • Fix #303: gdlib.pc: use Requires instead of Libs
    • Using uninitialized variables. (CVE-2019-11038)
    • Heap-based buffer overflow. (CVE-2019-6977)
    • Double-free in gdImage*Ptr(). (CVE-2019-6978)

    For full …

    read more
  2. LibGD 2.3.0 release

    The LibGD team is proud to announce the 2.3.0 release of libgd.

    Security related fixes:

    • Double-free vulnerability in gdImageBmpPtr. (CVE-2018-1000222)
    • Null pointer reference at gdImageClone. (CVE-2018-14553)
    • Integer signedness error. (CVE-2018-5711)
    • Using uninitialized variables. (CVE-2019-11038)
    • Heap-based buffer overflow. (CVE-2019-6977)
    • Double-free in gdImage*Ptr(). (CVE-2019-6978)

    For full list of changes …

    read more
  3. LibGD 2.2.5 release

    The LibGD team is proud to announce the 2.2.5 release of libgd.

    Security related fixes:

    • Double-free in gdImagePngPtr(). (CVE-2017-6362)
    • Buffer over-read into uninitialized memory. (CVE-2017-7890)

    For full list of changes, see CHANGELOG.md.

    This is a recommended update.

    You can download the 2.2.5 version of GD …

    read more
  4. LibGD 2.2.4 release

    LibGD team is proud to announce the 2.2.4 release of libgd.

    Security related fixes: This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs:

    • gdImageCreate() doesn't check for oversized images and as such is prone …
    read more
  5. LibGD 2.2.3 release

    We welcome the 2.2.3 release around a month after 2.2.2 (we are getting consistent). Another important milestone in the GD 2.2 series.

    Security related fixes: This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before …

    read more
  6. LibGD 2.2.2 release

    Exactly a month after 2.2.1 we welcome the 2.2.2 release. An important milestone in the GD 2.2 series.

    Security related fixes:

    • Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (CVE-2016-5767)
    • #215 Stack overflow with gdImageFillToBorder (CVE-2015-8874, CVE-2016-9933)
    • NULL Pointer Dereference at _gdScaleVert

    We also like …

    read more
  7. LibGD 2.2.1 release

    Hot on the tail of the 2.2.0 release, we've got 2.2.1 ready! A security issue was missed in the previous bug triaging but that's in here now.

    This is a recommended update.

    You can download the 2.2.1 version of GD Graphics Library from the …

    read more
  8. LibGD 2.2.0 release

    GD team proudly announces that the 2.2.0 version of GD Graphics Library has been released. We have fixed a good number of reported bugs. The cmake build is getting better, but most people should still use the configure script. See the Changelog files for a full list with …

    read more

Page 1 / 2 »

links

social