Back to libgd2 PTS page

Accepted libgd2 2.1.0-5+deb8u4 (source amd64) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted libgd2 2.1.0-5+deb8u4 (source amd64) into proposed-updates->stable-new, proposed-updates
From: Ondřej Surý <ondrej@debian.org>
Date: Sat, 16 Jul 2016 22:02:47 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1bOXfb-0001ZS-RU@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 15 Jul 2016 15:02:40 +0200
Source: libgd2
Binary: libgd-tools libgd-dev libgd3 libgd-dbg libgd2-xpm-dev libgd2-noxpm-dev
Architecture: source amd64
Version: 2.1.0-5+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
 libgd-dbg  - Debug symbols for GD Graphics Library
 libgd-dev  - GD Graphics Library (development version)
 libgd-tools - GD command line tools and example code
 libgd2-noxpm-dev - GD Graphics Library (transitional package)
 libgd2-xpm-dev - GD Graphics Library (transitional package)
 libgd3     - GD Graphics Library
Closes: 829014 829062 829694
Changes:
 libgd2 (2.1.0-5+deb8u4) jessie-security; urgency=high
 .
   * [CVE-2016-5766]: Fix Integer Overflow in _gd2GetHeader() resulting in
     heap overflow (Closes: #829014)
   * [CVE-2016-6128]: Fix invalid color index not handled, can lead to
     crash (Closes: #829062)
   * [CVE-2016-6161]: Add upstream patch to fix gif: avoid out-of-bound
     reads of masks array
   * [CVE-2016-6132]: Fix out-of-bounds read in the parsing of TGA files
     (Closes: #829694)
   * [CVE-2016-6214]: Fix read out-of-bands was found in TGA
   * [CVE-to-be-assigned]: Fix another out-of-bounds read in read_image_tga
     (upstream #248)
   * [CVE-2016-5116]: Fix xbm: avoid stack overflow (read) with large names
Checksums-Sha1:
 ecd2566d277b728d92a2eade015a6eeb44652be2 2467 libgd2_2.1.0-5+deb8u4.dsc
 31370d2bdc6b334791363958d00042676ed18c1e 42188 libgd2_2.1.0-5+deb8u4.debian.tar.xz
 c612d05bec4d776dc251abbcd1fa4171b2db3980 42170 libgd-tools_2.1.0-5+deb8u4_amd64.deb
 694fddad0afeca74252a7fa96e303469623e8a57 285990 libgd-dev_2.1.0-5+deb8u4_amd64.deb
 cf5c751405d7ef91c0660b10661ac6e44f591650 147158 libgd3_2.1.0-5+deb8u4_amd64.deb
 da96ddec0407ea5ee86f2b2d48ae77590c46b32b 312798 libgd-dbg_2.1.0-5+deb8u4_amd64.deb
 3907816e7b17db029304207345db05a26ab62311 1226 libgd2-xpm-dev_2.1.0-5+deb8u4_amd64.deb
 c54558be2a2fb692c3721066c0d5ae2fdaff9bfe 1234 libgd2-noxpm-dev_2.1.0-5+deb8u4_amd64.deb
Checksums-Sha256:
 36f4108f39a7c0f94c3c6f7e82ded7fd97107a2ba562de53746e2cab3dfd149e 2467 libgd2_2.1.0-5+deb8u4.dsc
 02d1970ea4764cea15586f5f9663cbfb20694f985f8bd50927912d481f1d61cc 42188 libgd2_2.1.0-5+deb8u4.debian.tar.xz
 6f3d26ee2f2b3d4dbdef2e3c016ea8d961b4b2a8f11c9cb92fa5c9310fb7d3a6 42170 libgd-tools_2.1.0-5+deb8u4_amd64.deb
 1a828e6d07c861f1664509f9b69c1cb976fa6500a32f44b042ecd7e3756c983a 285990 libgd-dev_2.1.0-5+deb8u4_amd64.deb
 81c79acdb6280b5581f362e093447bb45b00b2cb12e08a2732a49f7ff98ecb4e 147158 libgd3_2.1.0-5+deb8u4_amd64.deb
 ef6ad931e8cb4202914e916e0ddb8752c64092adae56d6fd84badb3f3385ab09 312798 libgd-dbg_2.1.0-5+deb8u4_amd64.deb
 bdca1fb09a060f6855760cd8a61141b8c0edbb366f46935fae6c3798e04610c3 1226 libgd2-xpm-dev_2.1.0-5+deb8u4_amd64.deb
 0d88e7dbe42220e4136b5cb72813a8b1538c2fb28d5f467268185f3893408cc9 1234 libgd2-noxpm-dev_2.1.0-5+deb8u4_amd64.deb
Files:
 7406b8daef1a4a32288fb1917245e62b 2467 graphics optional libgd2_2.1.0-5+deb8u4.dsc
 3f98fe92e5546e149a64c8c3a6cb175e 42188 graphics optional libgd2_2.1.0-5+deb8u4.debian.tar.xz
 170f217cf2e9cc0c07c6303874565cec 42170 graphics optional libgd-tools_2.1.0-5+deb8u4_amd64.deb
 480e518a04dbdf1675f35bf83901e104 285990 libdevel optional libgd-dev_2.1.0-5+deb8u4_amd64.deb
 f3dc95517656c2ecb67811d1c5cf0f27 147158 libs optional libgd3_2.1.0-5+deb8u4_amd64.deb
 449b6edc19c751a319c66671239d96ac 312798 debug extra libgd-dbg_2.1.0-5+deb8u4_amd64.deb
 7cbc6eaf10cf3847c139baa6887b0644 1226 oldlibs extra libgd2-xpm-dev_2.1.0-5+deb8u4_amd64.deb
 e530298ac8fc56048d092f1aa1c67f2d 1234 oldlibs extra libgd2-noxpm-dev_2.1.0-5+deb8u4_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJXiOAoXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw
Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHMKIP/01h981oZSck38eG1cSfGUnf
lIfC+JCADXSdEGP2lf0iVDnLteRDaopB7wCMUM1GbVrwxDOz4rsZxwC6pxz89iuv
/ht0SPzxaSKpz0SQ5UEi/tOno2aDFfgFW9G8Cp/la96ipcMGYzcpUqyB+TXliL5G
iAa6J7msxesgQ+4IUNrnLE+gqLyPEgP3Wga171lDf5AGd0BF+wD+I6oG4dBbW2VI
TTHM3qi69SsNFPB7GQx88n0ZHJaukmPLmRq1LOB4mvv1R6qlxTzNvaO4K6mkzcCi
il7MMEN7RKcoTCSRO4useHZy2q1oViZdcnU9d56iqDeirokaNK07wF562M1/lqzb
ovXUcjh4MiILTA3alx0Z70Vmtv11ROamHPQApjiD5PbFnj1mCjiNYfrjRtKmCIQL
dv7x0nsUerGVJxqmyuhLVah5zMIPQafQMwqSSm0BLDscgtkeVUxpTUn06wVFReJi
0znG53cztxdDN09+ULGie2JyLp3egOjM+ZK3w0sjhMUuCZ7Dm2ZZ4eKrGOVCJ2I6
6ZbitGLOgUfWdEEpuyqduHlfgutQg8EySFEh81T9ZV9iW00XMne+H89BTsFNkpFB
zWD7zy7Wcb+8llyQuH4U1zp0z5M8A7/y+IYmSbffaHI8mDDr0XsAzpKzXAbi7rtZ
b9TOaT/yuTI3m8hnoTOY
=gJe0
-----END PGP SIGNATURE-----