Hello community, here is the log from the commit of package gd for openSUSE:Factory checked in at 2017-09-08 20:39:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gd (Old) and /work/SRC/openSUSE:Factory/.gd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gd" Fri Sep 8 20:39:23 2017 rev:46 rq:521156 version:2.2.5 Changes: -------- --- /work/SRC/openSUSE:Factory/gd/gd.changes 2017-08-24 18:26:33.323835498 +0200 +++ /work/SRC/openSUSE:Factory/.gd.new/gd.changes 2017-09-08 20:39:24.448831014 +0200 @@ -1,0 +2,25 @@ +Tue Sep 5 13:49:20 UTC 2017 - [email protected] + +- Version update to 2.2.5: + ### Security + - Double-free in gdImagePngPtr(). (CVE-2017-6362) + - Buffer over-read into uninitialized memory. (CVE-2017-7890) + + ### Fixed + - Fix #109: XBM reading fails with printed error + - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable + - Fix #357: 2.2.4: Segfault in test suite + - Fix #386: gdImageGrayScale() may produce colors + - Fix #406: webpng -i removes the transparent color + - Fix Coverity #155475: Failure to restore alphaBlendingFlag + - Fix Coverity #155476: potential resource leak + - Fix several build issues and test failures + - Fix and reenable optimized support for reading 1 bps TIFFs + + ### Added + - The native MSVC buildchain now supports libtiff and most executables +- removed patches (upstreamed): + . gd-freetype.patch + . gd-rounding.patch + +------------------------------------------------------------------- Old: ---- gd-freetype.patch gd-rounding.patch libgd-2.2.4.tar.xz New: ---- libgd-2.2.5.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gd.spec ++++++ --- /var/tmp/diff_new_pack.P4a25A/_old 2017-09-08 20:39:25.592670189 +0200 +++ /var/tmp/diff_new_pack.P4a25A/_new 2017-09-08 20:39:25.596669627 +0200 @@ -19,7 +19,7 @@ %define prjname libgd %define lname libgd3 Name: gd -Version: 2.2.4 +Version: 2.2.5 Release: 0 Summary: A Drawing Library for Programs That Use PNG and JPEG Output License: MIT @@ -33,10 +33,6 @@ Patch2: gd-format.patch # could be upstreamed Patch3: gd-aliasing.patch -# PATCH-FIX-UPSTREAM: build with newer freetype -Patch4: gd-freetype.patch -# PATCH-FIX-UPSTREAM: fix testfailure on 32b platforms -Patch5: gd-rounding.patch # needed for tests BuildRequires: dejavu BuildRequires: libjpeg-devel @@ -96,8 +92,7 @@ %patch1 %patch2 %patch3 -%patch4 -p1 -%patch5 -p1 +chmod 644 COPYING %build # ADDITIONAL CFLAGS ARE NEEDED TO FIX TEST FAILURES IN CASE OF i586, BUT HARMLESS TO APPLY GENERALLY FOR ALL ix86 ++++++ libgd-2.2.4.tar.xz -> libgd-2.2.5.tar.xz ++++++ ++++ 12043 lines of diff (skipped)
