LibGD 2.3.0 release

The LibGD team is proud to announce the 2.3.0 release of libgd.

Security related fixes:

  • Double-free vulnerability in gdImageBmpPtr. (CVE-2018-1000222)
  • Null pointer reference at gdImageClone. (CVE-2018-14553)
  • Integer signedness error. (CVE-2018-5711)
  • Using uninitialized variables. (CVE-2019-11038)
  • Heap-based buffer overflow. (CVE-2019-6977)
  • Double-free in gdImage*Ptr(). (CVE-2019-6978)

For full list of changes, see CHANGELOG.md.

This is a recommended update.

You can download the 2.3.0 version of GD Graphics Library from the libgd project.

Check out the full commits list since the previous release.

links

social