--- libgd2-2.0.35.dfsg.orig/configure +++ libgd2-2.0.35.dfsg/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for GD 2.0.34. +# Generated by GNU Autoconf 2.61 for GD 2.0.35. # # Report bugs to . # @@ -728,8 +728,8 @@ # Identity of this package. PACKAGE_NAME='GD' PACKAGE_TARNAME='gd' -PACKAGE_VERSION='2.0.34' -PACKAGE_STRING='GD 2.0.34' +PACKAGE_VERSION='2.0.35' +PACKAGE_STRING='GD 2.0.35' PACKAGE_BUGREPORT='http://bugs.libgd.org' ac_unique_file="gd.c" @@ -1410,7 +1410,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures GD 2.0.34 to adapt to many kinds of systems. +\`configure' configures GD 2.0.35 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1485,7 +1485,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of GD 2.0.34:";; + short | recursive ) echo "Configuration of GD 2.0.35:";; esac cat <<\_ACEOF @@ -1598,7 +1598,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -GD configure 2.0.34 +GD configure 2.0.35 generated by GNU Autoconf 2.61 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @@ -1612,7 +1612,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by GD $as_me 2.0.34, which was +It was created by GD $as_me 2.0.35, which was generated by GNU Autoconf 2.61. Invocation command line was $ $0 $@ @@ -2126,7 +2126,7 @@ GDLIB_MAJOR=2 GDLIB_MINOR=0 -GDLIB_REVISION=34 +GDLIB_REVISION=35 GDLIBNAME=gd #Expanded by tests later in this file. TBB 2.0.26 #2.0.28: GIF is standard now. Doesn't depend on anything else, @@ -2425,7 +2425,7 @@ # Define the identity of the package. PACKAGE='gd' - VERSION='2.0.34' + VERSION='2.0.35' cat >>confdefs.h <<_ACEOF @@ -24075,7 +24075,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by GD $as_me 2.0.34, which was +This file was extended by GD $as_me 2.0.35, which was generated by GNU Autoconf 2.61. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -24128,7 +24128,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -GD config.status 2.0.34 +GD config.status 2.0.35 configured by $0, generated by GNU Autoconf 2.61, with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" --- libgd2-2.0.35.dfsg.orig/debian/copyright +++ libgd2-2.0.35.dfsg/debian/copyright @@ -0,0 +1,119 @@ +This is GD 2.x packaged for Debian GNU systems. + + + +Upstream source: http://www.libgd.org/releases/ + + + +Upstream author: Pierre-Alain Joye + + + +Copyright and licensing info, main source: + + Portions copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, + 2002 by Cold Spring Harbor Laboratory. Funded under Grant + P41-RR02188 by the National Institutes of Health. + + Portions copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002 by + Boutell.Com, Inc. + + Portions relating to GD2 format copyright 1999, 2000, 2001, 2002 + Philip Warner. + + Portions relating to PNG copyright 1999, 2000, 2001, 2002 Greg + Roelofs. + + Portions relating to gdttf.c copyright 1999, 2000, 2001, 2002 John + Ellson (ellson@lucent.com). + + Portions relating to gdft.c copyright 2001, 2002 John Ellson + (ellson@lucent.com). + + Portions copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 + Pierre-Alain Joye (pierre@libgd.org). + + Portions relating to JPEG and to color quantization copyright 2000, + 2001, 2002, Doug Becker and copyright (C) 1994, 1995, 1996, 1997, + 1998, 1999, 2000, 2001, 2002, Thomas G. Lane. This software is + based in part on the work of the Independent JPEG Group. See the + file README-JPEG.TXT for more information. + + Portions relating to WBMP copyright 2000, 2001, 2002 Maurice + Szmurlo and Johan Van den Brande. + + Permission has been granted to copy, distribute and modify gd in + any context without fee, including a commercial application, + provided that this notice is present in user-accessible supporting + documentation. + + This does not affect your ownership of the derived work itself, and + the intent is to assure proper credit for the authors of gd, not to + interfere with your productive use of gd. If you have questions, + ask. "Derived works" includes all programs that utilize the + library. Credit must be given in user-accessible documentation. + + This software is provided "AS IS." The copyright holders disclaim + all warranties, either express or implied, including but not + limited to implied warranties of merchantability and fitness for a + particular purpose, with respect to this code and accompanying + documentation. + + Although their code does not appear in gd, the authors wish to thank + David Koblas, David Rowley, and Hutchison Avenue Software Corporation + for their prior contributions. + + + +Copyright and licensing info, gd_gif_out.c: + +/* Code drawn from ppmtogif.c, from the pbmplus package +** +** Based on GIFENCOD by David Rowley . A +** Lempel-Zim compression based on "compress". +** +** Modified by Marcel Wijkstra +** +** Copyright (C) 1989 by Jef Poskanzer. +** +** Permission to use, copy, modify, and distribute this software and its +** documentation for any purpose and without fee is hereby granted, provided +** that the above copyright notice appear in all copies and that both that +** copyright notice and this permission notice appear in supporting +** documentation. This software is provided "as is" without express or +** implied warranty. +** +** The Graphics Interchange Format(c) is the Copyright property of +** CompuServe Incorporated. GIF(sm) is a Service Mark property of +** CompuServe Incorporated. +*/ + + + +Copyright and licensing info, strlcpy.c: + + * Copyright (c) 1998 Todd C. Miller + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --- libgd2-2.0.35.dfsg.orig/debian/rules +++ libgd2-2.0.35.dfsg/debian/rules @@ -0,0 +1,121 @@ +#!/usr/bin/make -f +# -*- mode: makefile; coding: utf-8 -*- +# Copyright © 2002-2007 Jonas Smedegaard + +# NB! Local CDBS tweaks in use. More info in README.cdbs-tweaks +include debian/cdbs/1/rules/buildcore.mk +include debian/cdbs/1/rules/upstream-tarball.mk +include debian/cdbs/1/rules/copyright-check.mk +include /usr/share/cdbs/1/rules/patchsys-quilt.mk +include /usr/share/cdbs/1/class/makefile-vars.mk +include debian/cdbs/1/rules/buildinfo.mk +include /usr/share/cdbs/1/rules/debhelper.mk + +DEB_UPSTREAM_PACKAGE = gd +DEB_UPSTREAM_URL = http://www.libgd.org/releases +DEB_UPSTREAM_TARBALL_MD5 = 982963448dc36f20cb79b6e9ba6fdede + +# Upstream source contains copyrights with questionable or missing licenses +DEB_UPSTREAM_REPACKAGE_TAG = dfsg +DEB_UPSTREAM_REPACKAGE_EXCLUDE = cmake VMS + +pkgname = libgd2 +libname = libgd + +DEB_DH_MAKESHLIBS_ARGS_libgd2-noxpm = -V'libgd2-noxpm (>= $(DEB_UPSTREAM_VERSION)) | libgd2-xpm (>= $(DEB_UPSTREAM_VERSION))' +DEB_DH_MAKESHLIBS_ARGS_libgd2-xpm = -V'libgd2-xpm (>= $(DEB_UPSTREAM_VERSION))' +DEB_INSTALL_DOCS_ALL += index.html readme.jpn + +# compile flags +COMPILER = gcc + +CFLAGS += -D_REENTRANT -pipe + +# build dirs, targets and binaries +BUILD-ARCH-TARGETS = build-libgd2-noxpm build-libgd2-xpm +STAMP-ARCH-TARGETS = $(patsubst build-%,stamp-%,$(BUILD-ARCH-TARGETS)) +BINARY-ARCH-TARGETS = $(patsubst build-%,binary-%,$(BUILD-ARCH-TARGETS)) +TOOLS = pngtogd pngtogd2 gdtopng gd2topng gd2copypal gdparttopng webpng +TESTS = gddemo gdtest + +DEB_INSTALL_CHANGELOGS_ALL += index.html readme.* + +DEB_SHLIBDEPS_LIBRARY_ALL = -Llibgd2-noxpm -ldebian/libgd2-noxpm/usr/lib + +common-configure-arch common-configure-indep:: configure-stamp +configure-stamp: + dh_testdir + chmod -R a=r,a+X,u+w * + chmod a+x debian/rules configure + cp -f /usr/share/misc/config.* config/ + -mkdir $(BUILD-ARCH-TARGETS) + cd $(CURDIR)/build-libgd2-noxpm && ../configure --prefix=/usr --without-x --without-xpm --without-fontconfig --disable-rpath + cd $(CURDIR)/build-libgd2-xpm && ../configure --prefix=/usr --with-x --disable-rpath + touch $@ + +# Build shared libc6 library without Xpm support. +build/libgd2-noxpm:: stamp-libgd2-noxpm +stamp-libgd2-noxpm: + dh_testdir + cd build-libgd2-noxpm && $(MAKE) + LD_PRELOAD=$(CURDIR)/build-libgd2-noxpm/.libs/libgd.so $(CURDIR)/build-libgd2-noxpm/gddemo + LD_PRELOAD=$(CURDIR)/build-libgd2-noxpm/.libs/libgd.so $(CURDIR)/build-libgd2-noxpm/gdtest demoin.png + perl debian/doc_cleaner.pl index.html | html2text -nobs -o README + touch $@ + +# Build shared libc6 library with Xpm support. +build/libgd2-xpm:: stamp-libgd2-xpm +stamp-libgd2-xpm: + dh_testdir + cd build-libgd2-xpm && $(MAKE) + touch $@ + +clean:: + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp $(STAMP-ARCH-TARGETS) README + rm -rf $(BUILD-ARCH-TARGETS) + rm -rf debian/tmp-libgd2-noxpm debian/tmp-libgd2-xpm + cd test && rm -f gdtest_wbmp_to_png.png gdtest.jpg gdtest.wbmp + rm -f demoout.png demooutp.png demoout.gif demooutp.gif + dh_clean + +install/libgd2-noxpm:: + cd build-libgd2-noxpm && make install DESTDIR=$(CURDIR)/debian/tmp-libgd2-noxpm + +install/libgd2-xpm:: + cd build-libgd2-xpm && make install DESTDIR=$(CURDIR)/debian/tmp-libgd2-xpm + +# Let d-shlibs handle dev package dependencies and shlib install +# Strip pre-sarge X11 fallback dependencies (until fixed in d-shlibs itself) +binary-post-install/libgd2-noxpm:: + d-shlibmove --commit \ + --override 's/ | xlibs-dev (<< 4.3.0)//' \ + --override s/libstdc++6-dev// \ + --override s/libxml2-2-dev/libxml2-dev/ \ + --movedev "debian/tmp-$(cdbs_curpkg)/usr/include/*" usr/include/ \ + --movedev "debian/tmp-$(cdbs_curpkg)/usr/bin/gdlib-config" usr/bin/ \ + --suffix -noxpm --devsuffix -noxpm \ + debian/tmp-$(cdbs_curpkg)/usr/lib/$(libname).so + +binary-post-install/libgd2-xpm:: + d-shlibmove --commit \ + --override 's/ | xlibs-dev (<< 4.3.0)//' \ + --override s/libstdc++6-dev// \ + --override s/libxml2-2-dev/libxml2-dev/ \ + --movedev "debian/tmp-$(cdbs_curpkg)/usr/include/*" usr/include/ \ + --movedev "debian/tmp-$(cdbs_curpkg)/usr/bin/gdlib-config" usr/bin/ \ + --suffix -xpm --devsuffix -xpm \ + debian/tmp-$(cdbs_curpkg)/usr/lib/$(libname).so + +# Needed by upstream for all flavors +CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), libpng12-dev, libz-dev, libjpeg62-dev + +# Needed by upstream for xpm flavor +CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), libfreetype6-dev, libxpm-dev, libx11-dev, libxt-dev, libfontconfig-dev + +# Needed for our packaging +CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), d-shlibs (>= 0.30) + +# Fix duplicate cdbs build-dependencies +CDBS_BUILD_DEPENDS := $(shell echo '$(CDBS_BUILD_DEPENDS)' | sed -e '/\bcdbs (>= 0.4.39)/ s/ *,* *\bcdbs (>= \(0.4.23-1.1\|0.4.27-1\)) *,* */, /g' -e 's/^ *, *//' -e 's/ *, *$$//') --- libgd2-2.0.35.dfsg.orig/debian/changelog +++ libgd2-2.0.35.dfsg/debian/changelog @@ -0,0 +1,823 @@ +libgd2 (2.0.35.dfsg-3ubuntu2.1) hardy-security; urgency=low + + * SECURITY UPDATE: denial of service and possible code execution via GD + file with large number of colors + - debian/patches/9000_security_CVE-2009-3546.patch: make sure number of + colors specified in gd file isn't bigger than gdMaxColors in gd_gd.c. + - CVE-2009-3546 + + -- Marc Deslauriers Wed, 04 Nov 2009 09:42:29 -0500 + +libgd2 (2.0.35.dfsg-3ubuntu2) hardy; urgency=low + + * debian/rules: Remove -Wl,--disable-rpath from CFLAGS, as this is not + a valid linker option. LP: #194518. + * debian/rules: export the CFLAGS, so they're consistently used even + when not called via dpkg-buildpackage. + + -- Steve Langasek Sun, 24 Feb 2008 07:10:48 +0000 + +libgd2 (2.0.35.dfsg-3ubuntu1) hardy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - maintainer field updates + + -- Kees Cook Thu, 06 Dec 2007 17:02:21 -0800 + +libgd2 (2.0.35.dfsg-3) unstable; urgency=high + + * Add patch hand-picked from upstream CVS: + + gdImageColorTransparent can write outside buffer + * Raise to urgency=high as this a small, security-related bugfix. + + -- Jonas Smedegaard Sun, 16 Sep 2007 21:57:28 +0200 + +libgd2 (2.0.35.dfsg-2) unstable; urgency=medium + + * Add patch (using patchsystem-quilt.mk cdbs snippet) hand-picked from + upstream CVS to fix various security-related issues: + + _gdCreateFromFile() can crash if gdImageCreate fails + + gdImageCreateFrom*Ptr() can crash if gdNewDynamicCtxEx() + + gdImageRectangle draws 1x1 rectangles as 1x3 rectangles + + Possible integer overflow in gdImageFill() + + Optimization for single pixel line not in correct order + + gdImageColorDeallocate can write outside buffer + * Add XS-Vcs-Svn and XS-Vcs-Browser fields to debian/control. + * Update cdbs tweaks: + + Support non-dot-delimited repackaging tag in update-tarball. + + update-tarball needs recent cdbs (only relevant for backports). + * Cleanup duplicate build-dependencies in debian/rules. + * Semi-auto-update debian/control: + DEB_BUILD_OPTIONS=cdbs-autoupdate fakeroot debian/rules pre-build + * Fix shlibs dependencies: Use DEB_UPSTREAM_VERSION (instead of custom + version variables). + * Set urgenvy=medium due to the security-related fixes. + + -- Jonas Smedegaard Tue, 04 Sep 2007 20:28:46 +0200 + +libgd2 (2.0.35.dfsg-1) unstable; urgency=low + + * New upstream release. Closes: bug#431443, thanks to Sean Finney. + * Repackage source tarball to avoid files below VMS and cmake that + contains copyrights with questionable or missing licensing info. + * Switch to team maintainance using Alioth project pkg-gd, and myself + and Sean Finney as uploaders. Others interested in helping out + maintaining packaging of GD and related packages, please get in + touch with us at pgk-gd-devel@lists.alioth.debian.org . + * Update CDBS tweaks: + + Minor improvements to upstream-tarball.mk. + + Advertise debian/README.cdbs-tweaks in debian/rules. + * Replace deprecated ${Source-Version} with Use binNMU-safe + ${binary:Version} in debian/control. Thanks to Lintian. + * Update debian/copyright to include new copyright (BSD) for the file + strlcpy.c. + + -- Jonas Smedegaard Sun, 12 Aug 2007 13:40:55 +0200 + +libgd2 (2.0.34-1ubuntu1) gutsy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - maintainer field updates + * gd_png.c: apply upstream fixes for endless loop bug. + * References + http://bugs.libgd.org/?do=details&task_id=86 + CVE-2007-2756 + + -- Kees Cook Mon, 11 Jun 2007 14:24:51 -0700 + +libgd2 (2.0.34-1) unstable; urgency=low + + * New upstream release. + * Update cdbs tweaks: + + Switch from vcs.mk to improved upstream-tarball.mk. + + Minor updates to copyright-check. + + Minor documentation updates. + * Use debhelper.mk cdbs snippet (greatly simplifies custom rules). + * No longer set library version (upstream takes care of this now). + * Use www.libgd.org (not just libgd.org) as homepage. + * Update watch file to use new upstream source (ignoring prereleases). + * Cleanup package dependencies: + + Provide virtual packages libgd-dev and libgd2. + + Drop conflicts on pre-Sarge packages. + + Fix conflicting with libgd-noxpm-dev (was libgd-xpm-dev twice). + * Fix old changelog entry closing bug#167976, to please lintian. + + -- Jonas Smedegaard Thu, 17 May 2007 12:29:12 +0200 + +libgd2 (2.0.34~rc1-2ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + + -- Kees Cook Tue, 6 Feb 2007 21:15:32 -0800 + +libgd2 (2.0.34~rc1-2) unstable; urgency=high + + * Use CDBS-calculated DEB_UPSTREAM_VERSION for package dependencies + (and locally-calculated version string only for soname). Fixes + unsatisfiable dependenices with the current odd version number and + thus closes: bug#409213 (thanks to Aaron M. Ucko). + * Move inclusion of copyright-check cdbs snippet below cleanup, to + avoid possible FTBFS. + * Invoke ldconfig in postinst/postrm. + + -- Jonas Smedegaard Thu, 1 Feb 2007 17:52:57 +0100 + +libgd2 (2.0.34~rc1-1) unstable; urgency=high + + * New upstream prerelease. + * Drop all patches. Bugfixing patches are all either adopted or + differently implemented upstream now, and the only feature patch to + improve anti-aliasing is recommended by upstream to be avoided for + now (will be included in later releases of GD). + * Drop pthreads workaround. Upstream now properly handles this. + * Avoid fallback build-dependencies on xlibs-dev, thanks to lintian. + Avoid *-dev package dependencies too, and tighten build-dependency + on d-shlibs to versions supporting the neat new runtime override + feature of d-devlibdeps used for this. + * Drop duplicate build-dependency on autotools-dev, thanks to lintian. + * Bump up standards-version to 3.7.2. + * Update debian/copyright and long descriptions with new upstream + author and new upstream URLs. + * Semi-autoupdate debian/control to have the above take effect: + $ DEB_BUILD_OPTIONS=cdbs-autoupdate fakeroot debian/rules clean + * Update debian/copyright-hints due to the relibtoolization. + * Add new CDBS snippet vcs.mk hinting about the source environment. + * Fix copyright-check CDBS snippet to properly ignore also + CDBS-overridden autotools files. + * Set urgency high, as the older pathced code is known to contain + several bugs fixed in current upstream code. Work is ongoing about + resolving if any of those bugs have known security issues with an + official CVE. + + -- Jonas Smedegaard Tue, 30 Jan 2007 15:06:48 +0100 + +libgd2 (2.0.33-6) unstable; urgency=high + + * Acknowledge NMUs. Closes: bug#384838, #383747. Thanks to Paul and + Martín Ferrari, and to Andreas Barth and Steinar H. Gunderson for + watching my back. + * Update local cdbs snippets (and add debian/README.cdbs-tweaks to + source, documenting their purpose), fixing a FTBFS. Closes: + bug#396174, thanks to Martin Pitt. + * Semi-autoupdate debian/control to have the above take effect: + $ DEB_BUILD_OPTIONS=cdbs-autoupdate fakeroot debian/rules clean + * Add patch 1009 to fix segfaults due to lack of boundary checks for + anti-aliasing. Closes: bug#404774, thanks (again!) to Paul. + * Set urgency=high as the above is important to include with etch. + + -- Jonas Smedegaard Mon, 1 Jan 2007 20:18:13 +0100 + +libgd2 (2.0.33-5.2ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - debian/rules: Don't use copyright-check.mk, it breaks cleaning. + + -- Martin Pitt Tue, 19 Dec 2006 16:14:39 +0100 + +libgd2 (2.0.33-5.2) unstable; urgency=high + + * Non-maintainer upload. + * remove 1006_western_european_fonts.patch, as this breaks (at least) + two different packages, and creates issues for people with central + european encoding. It is also an unnecessary derivation from upstream. + Closes: #383747 + + -- Andreas Barth Wed, 29 Nov 2006 16:34:54 +0000 + +libgd2 (2.0.33-5.1ubuntu1) feisty; urgency=low + + * Synchronize to Debian, remaining Ubuntu changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - debian/rules: Don't use copyright-check.mk, it breaks cleaning. + + -- Martin Pitt Mon, 30 Oct 2006 11:18:06 +0100 + +libgd2 (2.0.33-5.1) unstable; urgency=medium + + * Non-maintainer upload. + * 1008_segfault_invalid_gif.patch: New patch, adapted by Stefan Fritsch; + fixes segfault (and possible security issue) when reading some forms + of corrupted GIFs. (Closes: #384838) + + -- Steinar H. Gunderson Mon, 11 Sep 2006 01:24:24 +0200 + +libgd2 (2.0.33-5) unstable; urgency=low + + * Merge patch 1002 with different approach from ubuntu, and rename as + 1002_CVE-2006-2906 now that the bug (infinite loop in GIF code) has + an official name. Closes: bug#372912 (thanks to Alec Berryman + for reporting, and to Martin Pitt + for providing a patch). + * Add patch to switch to western european fonts (ISO8859-1/ISO8859-15) + instead of the current eastern european (ISO8859-2). + * Add --without-xpm option to configure when compiling -noxpm variant. + Closes: bug#370572 (thanks to Omniflux ). + * Indent Homepage string in long descriptions. + * Add patch 1007 to avoid advertising external libraries in + gdlib-config script (advertise them in new --static-libs instead). + Closes: bug#375806 (thanks to Samuel Thibault + ). + + -- Jonas Smedegaard Mon, 17 Jul 2006 02:15:53 +0200 + +libgd2 (2.0.33-4ubuntu2) edgy; urgency=low + + * SECURITY UPDATE: DoS due to infinite loop. + * Add debian/patches/1006_infinite_loop.patch: + - Cut off loops in GIF reading functions after 1024 iterations to prevent + infinite loops. + - Patch provided from upstream (Xavier Roche). + - CVE-2006-2906 + + -- Martin Pitt Wed, 11 Oct 2006 14:46:59 +0200 + +libgd2 (2.0.33-4ubuntu1) edgy; urgency=low + + * Drop seemingly unnecessary build-dep on gnulib. + * Drop annoying copyright check that breaks the clean target. + + -- Scott James Remnant Tue, 3 Oct 2006 14:28:36 +0100 + +libgd2 (2.0.33-4) unstable; urgency=low + + * Have libgd-noxpm-dev provide libgd2-dev (a virtual package since + woody). libgd-xpm-dev does not provide it, as the two packages does + not provide same shlibdeps info: Both provide same ABI but not same + package dependencies, so those requiring XPM support will want to + explicitly (build-)depend on that variant. Closes: bug#350704, + #358306 (thanks to Daniel Schepler and + Martin Michlmayr for reporting, and to Junichi + Uekawa for patience and helpful input). + * Use quilt (instead of CDBS builtin patch routines). + * Use local cdbs snippet to enable debian-control (semi-)auto-update. + * Update local cdbs snippet buildinfo.mk: + + Correct namespace. + * Update local cdbs snippet copyright-check.mk: + + Correct namespace. + + Treat all found files as non-binary. + + Broaden scan to also look for "(c)" by default. + + Make egrep options configurable. + * Semi-auto-update debian/control (nothing remarkable). + * Semi-auto-update debian/copyright_hints (nothing remarkable). + * Renumber and unfuzz patches, and add debian/patches/README + documenting the new numbering scheme. + * Add patch 1003 fixing an antialiasing segfault. Closes: bug#364024 + (thanks to Paul ). + * Add patch 1004 improving antialiasing lines at image edges (thanks + to Paul ). + * Add patch 1005 to more sanely bail out on missing or wrong data, and + include config.h also for tools and examples. This closes: + bug#360966 (thanks to the Graphviz project were these was extracted + from, and to Matthias Klose reporting it). + + -- Jonas Smedegaard Sun, 21 May 2006 09:51:07 +0200 + +libgd2 (2.0.33-3) unstable; urgency=low + + * Update debian/rules only if DEB_BUILD_OPTIONS contains "update". + * Auto-update debian/rules (and manually strip bogus build-dependency + on build-essential). + * Upgrade watch file to version 3. + * Standards version 3.6.2. + * Mention homepage (not website) on long descriptions. + * Add new local cdbs snippet copyright-check.mk. + * Update debian/copyright with differing (but still DFSG-free) + licensing of gd_gif_out.c (thanks to copyright-check.mk). + * Update TODO with a bunch of entries to the "packaging hall of shame" + (list of packages without -noxpm support). + * Add patch to not treat negative return values from buffer routines + as ok. Closes: bug#308981, #312500 (both thanks to Jim Meyering + ). + * Dropped old transitional packages libgd2 and libgd2-dev. Closes: + bug#322044 (thanks to Javier Fernández-Sanguino Peña + ). + + -- Jonas Smedegaard Thu, 8 Dec 2005 02:29:44 +0100 + +libgd2 (2.0.33-2) unstable; urgency=low + + * Acknowledge NMU. Closes: bug#278625, #283991 (thanks to Martin Pitt + , Steve Kemp and others). + * Revert order of dependencies for transitional packages to favor -xpm + over -noxpm, and thus avoid surprises when upgrading from woody. + Closes: bug#291783 (thanks to Don Armstrong ). + * Rerun "libtoolize -c -f; aclocal-1.9; autoconf" with newer + autotools. + * Use cdbs (except debhelper snippet: too big change for now). + * Define version strings "simply expanded" (small compile speedup). + + -- Jonas Smedegaard Thu, 21 Apr 2005 16:10:34 +0200 + +libgd2 (2.0.33-1.1) unstable; urgency=high + + * Non-maintainer upload with permission from Jonas + * Apply patch to close security hole CAN-2004-0941 + + -- Steve Kemp Thur, 3 Dec 2004 19:09:54 +0000 + +libgd2 (2.0.33-1) unstable; urgency=low + + * New upstream release. + + Improved font handling. Closes: Bug#281349 (thanks to Alexander + Schories ). + * Improve build rules to support kfreebsd-gnu. Closes: Bug#268280 + (thanks to Robert Millan ), and probably also + bug#276441 (but leaving open until confirmed). + + Patch autoconf.ac to work around broken detection of pthreads. + + Run "libtoolize -c -f; aclocal-1.9; autoconf" once. + + Include the above patch with source, for use with newer upstream + releases. + + Update config.guess and config.sub at build time. + + Build-depend on autotools-dev for the above. + + Update config.rpath from http://savannah.gnu.org/projects/gnulib + (grabbed from CVS). + * Build -noxpm variant without fontconfig support as well (and add + TODO note about possibly renaming to -nobloat in the future). + * Mention fontconfig support (or lack thereof) to long descriptions. + Closes: bug#280369 (thanks to Josip Rodin and Julian + Mehnle ). + * Drop obsolete and unused debian/rocks file. + * Update TODO: rrdtool now properly acknowledges -noxpm (at last!). + + -- Jonas Smedegaard Sun, 7 Nov 2004 14:08:29 +0100 + +libgd2 (2.0.30-1) unstable; urgency=high + + * New upstream release: + + Security fix: potential buffer overflow (CAN-2004-0990). Closes: + bug#278625 (thanks to Martin Pitt ). + * Tightened d-devlibdeps build-dependency (local hack is adopted now). + * New fontconfig support enabled. + * Include "hall of shame" to TODO. + * Set urgency=high as this closes a security-related bug in sarge. + + -- Jonas Smedegaard Sat, 30 Oct 2004 22:22:10 +0200 + +libgd2 (2.0.28-3) unstable; urgency=high + + * Acknowledge NMU (thanks to Simon Richter for + noticing and Steve Langasek for providing the + fix). The bugreport contains other less urgent parts not fixed by + this package, so will be split/closed manually. + * Temporarily use local hacked d-devlibdeps that correctly (more or + less, but at least better than before) resolve the recent X11 + package split (bugreport filed against devlibs). + * Clean out test gif's on clean target (in addition to png's). + * Keep urgency=high for the RC bugfix to reach sarge, and because all + the changes affects no binaries, only packaging hints. + + -- Jonas Smedegaard Mon, 13 Sep 2004 18:29:45 +0200 + +libgd2 (2.0.28-2.1) unstable; urgency=high + + * Non-maintainer upload. + * High-urgency upload for sarge-targetted RC fix. + * Add build-dependency on libxt-dev to ensure that libgd2-xpm really + does support XPMs (closes: #270655). + + -- Steve Langasek Wed, 22 Sep 2004 04:32:23 -0700 + +libgd2 (2.0.28-2) unstable; urgency=low + + * Build-depend on libx11-dev (in addition to libxpm-dev) to actually + include XPM support in the -xpm packages (broken on all but powerpc + since 2.0.23-1), and configure explicitly using --with-xpm + to hopfully fail less silently in the future. Thanks to Matt + Zimmerman for spotting the bug. + + -- Jonas Smedegaard Wed, 28 Jul 2004 11:17:10 +0200 + +libgd2 (2.0.28-1) unstable; urgency=low + + * New upstream release. Closes:Bug#260793 (thanks to Adam Conrad + ). + * Drop TODO about dropping noxpm packages: Even with the new fine- + grained packaging of X11 libraries XPM support still pulls in + several megabytes irrelevant for most web server applications (the + most popular usage of GD). + * Minor corrections to gdlib-config man page. + + -- Jonas Smedegaard Thu, 22 Jul 2004 14:18:45 +0200 + +libgd2 (2.0.27-1) unstable; urgency=low + + * New upstream release. Closes: Bug# 254569 (except request for LZW + support - I rely on the good judgement of upstream. Thanks anyway + to Domenico Andreoli for the suggestion). + * Cleaned up debian/copyright: + + Replace info contained in changelog with note on "GNU systems". + + Declare each topic more strictly. + + Mention "licensing info" together with copyright. + * Improved long descriptions: + + General introduction to GD in all (non-transitional) packages + + Website URL added + + -- Jonas Smedegaard Sat, 17 Jul 2004 15:03:27 +0200 + +libgd2 (2.0.23-2) unstable; urgency=low + + * Rebuild to override secret NMU (HEY!!! when did we change rules to + not need to warn before doing an NMU?!?). Still closes: Bug#243500, + #238890. + + -- Jonas Smedegaard Thu, 22 Apr 2004 00:36:44 +0200 + +libgd2 (2.0.23-1) unstable; urgency=low + + * New upstream release. Closes: Bug#243500 (thanks to Jan-Åke Larsson + ). + * Acknowledge NMU. Closes: Bug#238890 (thanks to Domenico Andreoli + ). + * Build-depend on libxpm-dev, with only a fallback to older xlibs-dev. + * Use (and build-depend on) dh_buildinfo. + * Add debian/TODO to source package, with notes on noxpm branch and + interest in switching to cdbs (bzzzt, this changelog entry should + *not* count in the "taking over the world" statistics of cdbs ;-) ). + + -- Jonas Smedegaard Wed, 21 Apr 2004 23:36:28 +0200 + +libgd2 (2.0.22-0.1) unstable; urgency=low + + * New upstream release. Closes: Bug#238890. + * This is a NMU. + + -- Domenico Andreoli Fri, 19 Mar 2004 18:09:11 +0100 + +libgd2 (2.0.20-1) unstable; urgency=low + + * New upstream release. Closes: Bug#226179. + + -- Jonas Smedegaard Fri, 9 Jan 2004 03:58:46 +0100 + +libgd2 (2.0.16-1) unstable; urgency=low + + * New upstream release. + * FreeType headers are now properly handled. Closes: Bug#224789. + * Bump up (and correct syntax of) standards-version to 3.6.1 (no + changes needed). Closes: Bug#210415. + + -- Jonas Smedegaard Thu, 25 Dec 2003 00:35:51 +0100 + +libgd2 (2.0.15-1) unstable; urgency=low + + * New upstream release. + * Standards version 3.6 (no changes needed). + + -- Jonas Smedegaard Tue, 22 Jul 2003 11:54:41 +0200 + +libgd2 (2.0.12-2) unstable; urgency=low + + * Have development packages conflict with libgd-gif1-dev. This relates + to Bug#191039 (thanks to Martin Schulze ). + * This package complies with Debian Policy 3.5.10. + + -- Jonas Smedegaard Fri, 16 May 2003 17:56:22 +0200 + +libgd2 (2.0.12-1) unstable; urgency=low + + * New upstream release. + * Correct paths to shared libraries for generating -dev dependencies. + * Switch debhelper hint from DH_COMPAT to debian/compat. + * Claim compliance with Policy 3.5.9 (no changes needed). + * Change section devel to libdevel. + * Run configure using --disable-rpath (although it is still ignored). + + -- Jonas Smedegaard Sun, 13 Apr 2003 22:39:43 +0200 + +libgd2 (2.0.11-3) unstable; urgency=low + + * Update doc_cleaner.pl to make html file completely weblint-clean + (required for woody, so closes: Bug#185492). + + -- Jonas Smedegaard Wed, 19 Mar 2003 23:38:54 +0100 + +libgd2 (2.0.11-2) unstable; urgency=low + + * Simplify debian/rules a bit: Remove the INSTALL* definitions that + may have stripped the binaries (not sure if it is honoured by the + automade Makefile, but better safe than sorry). + + -- Jonas Smedegaard Fri, 7 Mar 2003 01:29:49 +0100 + +libgd2 (2.0.11-1) unstable; urgency=low + + * New upstream release (closes: Bug#170353). + * Adapt debian/rules to the new proper configure script. + * Drop DBS and use plain debhelper instead. Adapt build-depends. + * Use homebrewn debian/doc_cleaner.pl to clean the html doc instead of + a patch (more sustainable if upstream chooses to not fix the + horrible html with next release). + * Mention new binary annotate in libgd-tools.1 manpage and add a + symlink. + * Remove obsolete dh_undocumented from debian/rules. + * Add a minimal manpage for the new helper script gdlib-config. + + -- Jonas Smedegaard Sun, 16 Feb 2003 02:00:42 +0100 + +libgd2 (2.0.4-11) unstable; urgency=low + + * Relax dependency for transitional packages of their real + counterparts. + + -- Jonas Smedegaard Mon, 16 Dec 2002 02:02:35 +0100 + +libgd2 (2.0.4-10) unstable; urgency=low + + * Use d-shlibdeps package again, and build-depend on corrected + versions of the package. + * Declare compliance with Policy version 3.5.8.0 (no changed needed). + * Remove full stop in description to please lintian. + + -- Jonas Smedegaard Mon, 16 Dec 2002 01:50:10 +0100 + +libgd2 (2.0.4-9) unstable; urgency=medium + + * The "Will we ever make it in time...?" release. + * Use a local hacked d-devlibdeps (to properly handle libXpm + dependency), and remove build-depend on d-shlibs. + * Use html2text instead of w3m (as w3m doesn't build on all + platforms). Thanks to Adam Conrad for pointing it + out. Hack the html to be weblint-clean for html2text to accept it. + * Set urgency=medium - same argument as below. + + -- Jonas Smedegaard Sun, 24 Nov 2002 21:01:27 +0100 + +libgd2 (2.0.4-8) unstable; urgency=high + + * Have libgd2-(no)xpm replace libgd2 older than 2.0.4-2 (when it + became a transitional package, instead of a virtual on (which is + ignored by Replaces:), and instead of the old plain package). + * Set urgency=high, as only change is with this extra hint, and we + really want this in testing soon - even with the current + (unreported) bug it does more good than harm to let it in. + + -- Jonas Smedegaard Thu, 21 Nov 2002 06:36:41 +0100 + +libgd2 (2.0.4-7) unstable; urgency=low + + * Conflict with old virtual libgd2(-dev) packages (closes: Bug#16881). + + -- Jonas Smedegaard Wed, 13 Nov 2002 00:16:26 +0100 + +libgd2 (2.0.4-6) unstable; urgency=low + + * Preload libgd.so when running tests. Allows building without libgd2 + already installed, and closes: Bug#167976. + + -- Jonas Smedegaard Wed, 6 Nov 2002 06:03:09 +0100 + +libgd2 (2.0.4-5) unstable; urgency=low + + * Have -dev packages conflict on libgd-(no)xpm-dev. + * Have only transitional packages provide and conflict libgd1g, + libgd1-altdev and old -tools packages. + * Change build-depends to only the virtual libz-dev and libpng12-dev + (not their real counterparts as well). + * Add watch file. + + -- Jonas Smedegaard Wed, 6 Nov 2002 05:25:56 +0100 + +libgd2 (2.0.4-4) unstable; urgency=low + + * Use (and build-depend on) d-shlibs to make proper depends for -dev + packages. + * Tidy debian/ by generating debhelper files in configure target and + remove it on clean. + + -- Jonas Smedegaard Mon, 4 Nov 2002 19:00:36 +0100 + +libgd2 (2.0.4-3) unstable; urgency=low + + * Correct dependencies for transitional packages. + + -- Jonas Smedegaard Mon, 4 Nov 2002 17:33:31 +0100 + +libgd2 (2.0.4-2) unstable; urgency=low + + * Provide transitional packages (a virtual package cannot satisfy a + versioned dependency). + * Tighten libgd2-xpm-dev to only same lib (noxpm binaries work well + with xpm lib, but not the other way around). + * Generate shlibs files without debhelper (to correctly do the + above). + * Simplify dh_shlibdeps invocation (it is really only used for + libgd-tools anyway) and avoid using -L flag (to allow rebuild on + woody with debhelper << 4.1.1 where the flag first appeared). + * Enable tests (gddemo and gdtest). + * Include test images as examples in -dev packages. + * Remove TODO.Debian (the item - warnings possibly caused by + signedness problems - have been dealt with upstream). + + -- Jonas Smedegaard Mon, 4 Nov 2002 15:30:29 +0100 + +libgd2 (2.0.4-1) unstable; urgency=low + + * New upstream release. + * Update gdft patch 02add_gdImageStringFTEx. + * Update configure patch 01makefile_generic_install. + * Make sure not to compile libgd.a with -fPIC. + * Corrections to debian/rules to adapt to new configure. + + -- Jonas Smedegaard Mon, 28 Oct 2002 02:40:39 +0100 + +libgd2 (2.0.2-2) unstable; urgency=low + + * Add unofficial function gdImageStringFTEx to not break binary + compatibility with 2.0.1 (thanks to Nils Rennebarth + for complaining and providing the + patch. + * Fix building without libgd2-dev already installed. + * Fix linking libgd-tools against libgd2-noxpm (not static built). + * Suggest noxpm in favor of xpm for packages built against noxpm. + * Build-depend on new libpng12-0-dev and on zlib1g-dev, with fallback + to their virtual packages. + + -- Jonas Smedegaard Sat, 26 Oct 2002 10:32:56 +0200 + +libgd2 (2.0.2-1) unstable; urgency=low + + * New upstream version. + + Antialiased freetype text output now works properly in both + truecolor and non-truecolor contexts! + + By default, alpha blending is now done within the library. Also, + by default, alpha channel is not saved with PNG images. + * Repackage using dbs (with no patches applied for now). + * Readme only html now, so build a text version (and build-depend on + w3m). + * Update debian/copyright (years added, and contact address changed). + * Correct libgd-tools dependency on libgd2-(no)xpm. + * Build and run tests. + + -- Jonas Smedegaard Tue, 22 Oct 2002 01:46:22 +0200 + +libgd2 (2.0.1-19) unstable; urgency=low + + * Conflict with libgd2 (and closes: #158639, #157920). + + -- Jonas Smedegaard Thu, 29 Aug 2002 03:50:26 +0200 + +libgd2 (2.0.1-18) unstable; urgency=low + + * Build against libpng3 (thanks to Junichi Uekawa for cleaning up the + mess finally!). + + -- Jonas Smedegaard Sun, 18 Aug 2002 18:30:28 +0200 + +libgd2 (2.0.1-17) unstable; urgency=low + + * Install libgd-tools.1 (closes: #130499). + + -- Jonas Smedegaard Sun, 11 Aug 2002 02:41:02 +0200 + +libgd2 (2.0.1-16) unstable; urgency=low + + * Correct shlibs dependency on libgd2-xpm (not the virtual libgd2). + Thanks to Chris Halls for spotting the error, + which closes: #155498. + + -- Jonas Smedegaard Mon, 5 Aug 2002 16:58:06 +0200 + +libgd2 (2.0.1-15) unstable; urgency=low + + * Patch gdft.c for truecolor antialiasing. Patch found at + http://www.coupin.net/gd-freetype/ thanks to Michael Ganss + , and closes: #154112. + + -- Jonas Smedegaard Mon, 29 Jul 2002 04:04:52 +0200 + +libgd2 (2.0.1-14) unstable; urgency=low + + * Correct bug related to color resolving, thanks to Egon Eckert + . + + -- Jonas Smedegaard Sun, 28 Jul 2002 10:28:30 +0200 + +libgd2 (2.0.1-13) unstable; urgency=low + + * libgd2-xpm-dev should depend on libgd2-xpm, not libgd2. + + -- Jonas Smedegaard Sat, 13 Jul 2002 17:33:04 +0200 + +libgd2 (2.0.1-12) unstable; urgency=low + + * Include docs in all packages. + + -- Jonas Smedegaard Sat, 13 Jul 2002 17:21:20 +0200 + +libgd2 (2.0.1-11) unstable; urgency=low + + * The "No more potatoes" release. + * Major rewrite of debian/* to use debhelper V4. + * Remove libgd.a from libgd-tools. + * Rename libgd2 to libgd2-xpm and use libgd2 as a virtual package. + * Add new package libgd2-noxpm-dev and do the same rename as above + with -dev. + * Include all header files (some where left out) in -dev packages. + * Tighten shlib dependency to at least this build to avoid the old + mess... + * Add all demos from libgd-tools as example source in -dev. Remove + compiled demos from -tools. + * Add debug and nostrip support to debian/rules. + * Add contact address gd@boutell.com to debian/copyright. + * Remove libgd-tools Conflicts on libgd2-noxpm - they should work fine + together (none of the tools use xpm). + * Move libgd-tools Conflicts and Replaces on older libgd-tools to + libgd2-xpm and -noxpm to make lintian happier. Suggest -tools as + well. + * Include/improve comment about XPM for long descriptions. + * Set sane access rights on whole source as part of clean target. + * Write a manpage for the libgd-tools applications to please lintian + (and the rest of the world). This closes: Bug#130499. + + -- Jonas Smedegaard Sat, 13 Jul 2002 16:20:27 +0200 + +libgd2 (2.0.1-10) unstable; urgency=low + + * Correct a typo (my fault!) whith the patch. This closes: bug#142946. + + -- Jonas Smedegaard Mon, 15 Apr 2002 11:22:32 +0200 + +libgd2 (2.0.1-9) unstable; urgency=low + + * Change ligd-tools priority from extra to optional. + * Include patch from Stephen to handle antialiasing + (let's hope we make it for Woody). + + -- Jonas Smedegaard Wed, 10 Apr 2002 12:48:11 +0200 + +libgd2 (2.0.1-8) unstable; urgency=low + + * Add both xpm and non-xpm to substvars files, thanks to Joey Hess. + * Now that we are at it: Loosen up shlibs dependencies. + + -- Jonas Smedegaard Mon, 25 Mar 2002 22:46:10 +0100 + +libgd2 (2.0.1-7) unstable; urgency=low + + * Oops - now _really_ loosen up libpng2-dev dependency... + + -- Jonas Smedegaard Fri, 22 Feb 2002 04:43:53 +0100 + +libgd2 (2.0.1-6) unstable; urgency=low + + * Reflect changes in (NMU of) libpng3 and only Build-conflicts: the + badly hinted one, to loosen up libpng2 dependency to all _real_ + releases available (and possibly libpng3 if indeed it is/becomes as + compatible as claimed!). + * Change libgd-tools priority and libgd2-dev section to make Debian + Installer happy. + + -- Jonas Smedegaard Fri, 22 Feb 2002 02:10:37 +0100 + +libgd2 (2.0.1-5) unstable; urgency=low + + * Build a -noxpm variant. + + -- Jonas Smedegaard Fri, 1 Feb 2002 02:49:59 +0100 + +libgd2 (2.0.1-4) unstable; urgency=low + + * Another workaround to the libpng{2,3} mess: build-depend on specific + version to avoid illegal versioned build-conflict on (sometimes!) + virtual package. This will probably cause problems on autobuilders + as well (if they still see replacing libpng-dev with libpng2-dev as + a downgrade), but should at least be legal. + * Add readme.* to libgd2-dev. + + -- Jonas Smedegaard Sun, 20 Jan 2002 15:08:43 +0100 + +libgd2 (2.0.1-3) unstable; urgency=low + + * Put back conflicts/replaces on libgd-tools (<<2.0.0). They where + needed after all (even though lintian complains). + + -- Jonas Smedegaard Sun, 13 Jan 2002 16:19:51 +0100 + +libgd2 (2.0.1-2) unstable; urgency=low + + * New maintainer (thanks, Ivo :-). Updating maintainer field. + * Strip non-libgd2 part of changelog (go read the one from libgd + package if interested in older changes). + * Updating copyright file (Closes: #119288). + * Cleanup old freetype2 (FreeType1) mess. + * Use debhelper V3, tighten Build-Dependency on debhelper accordingly + and remove postinst to have debhelper handle ldconfig correctly. + * Build-Conflicts: libpng-dev (>= 1.2) (stuff like libgd-perl needs to + know wether png2 or png3 is used - let's be conservative for a + start). + * Remove duplicate dependencies and strange conflicts/replaces + (probably wrongly converted from those against libgd1g in libgd) in + debian/control. + + -- Jonas Smedegaard Sun, 13 Jan 2002 15:50:02 +0100 + +libgd2 (2.0.1-1) unstable; urgency=low + + * Initial package, based upon libgd1. (Closes: #102179, #102494) + + -- Ivo Timmermans Sat, 18 Aug 2001 19:55:14 +0200 + --- libgd2-2.0.35.dfsg.orig/debian/gdlib-config.1 +++ libgd2-2.0.35.dfsg/debian/gdlib-config.1 @@ -0,0 +1,49 @@ +.TH GD 1 +.SH NAME +gdlib-config - script to get information about the installed version of GD +.SH SYNOPSIS +.B gdlib-config +[\-\-prefix\fI[=DIR]\fP] [\-\-exec\-prefix\fI[=DIR]\fP] [\-\-version] [\-\-libs] [\-\-cflags] +.SH DESCRIPTION +.PP +\fIgdlib-config\fP is a tool that is used to configure to determine +the compiler and linker flags that should be used to compile +and link programs that use the \fIGD\fP library. It is also used internally +to the .m4 macros for GNU autoconf that are included with the \fIGD\fP library. +. +.SH OPTIONS +.l +\fIgdlib-config\fP accepts the following options (and more - run +\fIgdlib-config\fP with no options for the rest): +.TP 8 +.B \-\-version +Print the currently installed version of the \fIGD\fP library on the standard output. +.TP 8 +.B \-\-libs +Print the linker flags that are necessary to link a \fIGD\fP program. +.TP 8 +.B \-\-cflags +Print the compiler flags that are necessary to compile a \fIGD\fP program. +.TP 8 +.B \-\-prefix=PREFIX +If specified, use PREFIX instead of the installation prefix that \fIGD\fP +was built with when computing the output for the \-\-cflags and +\-\-libs options. This option is also used for the exec prefix +if \-\-exec\-prefix was not specified. This option must be specified +before any \-\-libs or \-\-cflags options. +.TP 8 +.B \-\-exec\-prefix=PREFIX +If specified, use PREFIX instead of the installation exec prefix that +\fIGD\fP was built with when computing the output for the \-\-cflags +and \-\-libs options. This option must be specified before any +\-\-libs or \-\-cflags options. +.SH COPYRIGHT +Copyright \(co 1998 Owen Taylor + +Permission to use, copy, modify, and distribute this software and its +documentation for any purpose and without fee is hereby granted, +provided that the above copyright notice appear in all copies and that +both that copyright notice and this permission notice appear in +supporting documentation. + +Modified for GD by Jonas Smedegaard --- libgd2-2.0.35.dfsg.orig/debian/TODO +++ libgd2-2.0.35.dfsg/debian/TODO @@ -0,0 +1,69 @@ +GD packaging hall of shame: + * Convince these source package to support the noxpm variant of GD2: + + php4 + + libgd-ruby + + gnustep-gd + + gdtclft + + dvipng + + cl-gd + + apcupsd + + bandwidthd + + mapserver + + cl-gd + + m17n-lib + + mrtg + + php5 + + png2html + + sarg + + bioperl + + ircmarkers + + libchart-strip-perl + + remstats + + piwi + For comparison, these source packages correctly support noxpm: + + pygdchart2 (not yet officially released for Debian) + + libgdchart-gd2 + + wims (but there are other problems - see below) + + webdruid + + webalizer + + rscheme + + python-gd + + plplot + + ploticus + + nagios + + modlogan + + g2 + + bogl + + gnuplot + + cvsgraph + + analog + + rrdtool + + enscribe + + graphviz + + ntop + + faqomatic + + libchart-perl + + shanty + + springgraph + + weathermap4rrd + + bugzilla + And these depend on X11 libs anyway so makes sense to only use -xpm: + + mldonkey + + nut (but why - it is a web app with only CGI interface?!?) + * Convince these source packages to switch to GD v2: + And solve issues with these: + + wims (flydraw and texgd needlessly depends on both v1 and v2) + + libgd-text-perl (needlessly depends on both v1 and v2) + + remstats (favors v1) + For comparison, these source packages correctly depend only on v1: + + libgd-perl (v2 variant packaged too: libgd-gd2-perl) + + libgd-noxpm-perl (v2 variant packaged too: libgd-gd2-noxpm-perl) + + python-gdchart (v2 variant being prepared: pygdchart2) + + libgdchart-gd1 (v2 variant packaged too: libgdchart-gd2) + +Post sarge: + * Switch to using cdbs (too tricky while two branches) + * Rename the -noxpm packages to -nobloat? + +Related work: + * Adopt libgd-gif and merge with libgd (the gif patent is no more). --- libgd2-2.0.35.dfsg.orig/debian/copyright_hints +++ libgd2-2.0.35.dfsg/debian/copyright_hints @@ -0,0 +1,63 @@ +$echo "Copyright (C) 2005 Free Software Foundation, Inc." +(c) 2000 Johan Van den Brande +2001, 2002, Doug Becker and copyright (C) 1994, 1995, 1996, 1997, +Copyright (C) 1989 by Jef Poskanzer. +Copyright (C) 1991-1996, Thomas G. Lane. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software +Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 +Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 +Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005 +Copyright (C) 1996, 1997, 1999, 2000, 2001, 2002, 2003, 2005 +Copyright (C) 1996, 1997, 1999, 2000, 2002 Free Software Foundation, Inc. +Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 +Copyright (C) 1997, 1999, 2000, 2001, 2003, 2005 +Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005 +Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005 +Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. +Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +Copyright (C) 2002, 2003, 2005 Free Software Foundation, Inc. +Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. +Copyright (C) 2003, 2005 Free Software Foundation, Inc. +Copyright (C) 2004, 2005 Free Software Foundation, Inc. +Copyright (C) 2006 Free Software Foundation, Inc. +Copyright (C) Maurice Szmurlo --- T-SIT --- January 2000 +Copyright (c) 1997-1998 Sun Microsystems, Inc. +Copyright (c) 1998 Todd C. Miller +Copyright 1991 by the Massachusetts Institute of Technology +Copyright 1999, 2000 Free Software Foundation, Inc. +Copyright 2000 Doug Becker, mailto:thebeckers@home.com +Designed, Written & Copyright 1999, Philip Warner. +Portions copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, +Portions copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 by Cold Spring +Portions copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002 by +Portions copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 by Boutell.Com, Inc. +Portions copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 +Portions copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 Pierre-Alain Joye (pierre@libgd.org). +Portions relating to GD2 format copyright 1999, 2000, 2001, 2002 +Portions relating to GD2 format copyright 1999, 2000, 2001, 2002, 2003, 2004 Philip Warner. +Portions relating to GIF animations copyright 2004 Jaakko Hyvätti (jaakko.hyvatti@iki.fi) +Portions relating to GIF compression copyright 1989 by Jef +Portions relating to GIF decompression copyright 1990, 1991, 1993 +Portions relating to JPEG and to color quantization copyright 2000, +Portions relating to JPEG and to color quantization copyright 2000, 2001, 2002, 2003, 2004, Doug Becker and copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 Thomas G. Lane. This software is based +Portions relating to PNG copyright 1999, 2000, 2001, 2002 Greg +Portions relating to PNG copyright 1999, 2000, 2001, 2002, 2003, 2004 Greg Roelofs. +Portions relating to WBMP copyright 2000, 2001, 2002 Maurice +Portions relating to WBMP copyright 2000, 2001, 2002, 2003, 2004 Maurice Szmurlo and Johan Van +Portions relating to gdft.c copyright 2001, 2002 John Ellson +Portions relating to gdft.c copyright 2001, 2002, 2003, 2004 John Ellson (ellson@graphviz.org). +Portions relating to gdttf.c copyright 1999, 2000, 2001, 2002 John +Portions relating to gdttf.c copyright 1999, 2000, 2001, 2002, 2003, 2004 John Ellson (ellson@graphviz.org). +This software is copyright (C) 1991-1998, Thomas G. Lane. +VALUE "LegalCopyright", "Copyright 1997-2007 Thomas Boutell, Pierre-Alain Joye and contributors, see COPYING\0" +define gdTrueColorGetAlpha(c) (((c) & 0x7F000000) >> 24) +define gdTrueColorGetBlue(c) ((c) & 0x0000FF) +define gdTrueColorGetRed(c) (((c) & 0xFF0000) >> 16) +dnl Copyright (C) 1996-2003 Free Software Foundation, Inc. +dnl Copyright (C) 2000-2002 Free Software Foundation, Inc. +dnl Copyright (C) 2001-2005 Free Software Foundation, Inc. +dnl Copyright (C) 2001-2006 Free Software Foundation, Inc. +gd_png.c Copyright 1999 Greg Roelofs and Thomas Boutell --- libgd2-2.0.35.dfsg.orig/debian/README.cdbs-tweaks +++ libgd2-2.0.35.dfsg/debian/README.cdbs-tweaks @@ -0,0 +1,113 @@ +CDBS tweak +========== + +CDBS is great. In some corner cases, however, some parts of CDBS +sometimes needs a few tweaks to work optimally. + +This is a collection of such tweaks. The goal is for these tweaks to be +absorbed into upstream CDBS. We just haven't found time yet to discuss +them at the CDBS developers' mailinglist. And possible we do not all +agree that the tweaks are so great - therefore this "staging area". + +If you found this file below debian/ subdir in a source package, most +probably only a subset of the below mentioned tweaks are relevant and +have been shipped with the package. The repository of all these tweaks +is here: svn://svn.debian.org/build-common/people/js/overlay/ + +Web access: http://svn.debian.org/wsvn/build-common/people/js/overlay/ + + + +Improved support for cdbs-autoupdate +------------------------------------ + +CDBS invented a cool way to help keep build-dependencies up-to-date. + +It is disabled by default, as messing with debian/rules at build time +violates Debian Policy: A build must not change conditions for building. + +Some consider this CDBS feature evil. + +Some enable the feature within a package, and gets smacked by ftp-master +or others (there's even a lintian check to complain about it now). + +This tweak enables the feature when the build environment contains the +non-default hint "cdbs-autoupdate" in the DEB_BUILD_OPTIONS variable. + + + +New buildinfo rule +------------------ + +See package description for "buildinfo" for more info. + + + +Improved support for multiple compilations +------------------------------------------ + +Create and clean builddir _after_ resolving per-package DEB_BUILDDIR. + +Honour per-package DEB_BUILDDIR in makefile class. + + + +Various improvements to python-distutils class +---------------------------------------------- + +Use full path to python interpreter (Python Policy section 1.3.2). + +Add CDBS_BUILD_DEPENDS to old policy method. + +Fix CDBS_BUILD_DEPENDS in new policy methods to only depend on debhelper +when actually used. + +Fix DEB_PYTHON_SIMPLE_PACKAGES sometimes installed twice (and only one +of them honouring DEB_PYTHON_COMPILE_VERSION). + +Unify install path using new DEB_PYTHON_DESTDIR. + +Quote install path. + + + +New copyright-check rule +------------------------ + +Refuse to build if the source is found to contain different copyright +info than earlier builds. + + + +New kernelpatches rule +---------------------- + +Small wrapper around dh-kpatches, taking care of build-dependencies too. + + + +New routines for handling upstream tarball +------------------------------------------ + +Rules and variables to help downloading, validating and repackaging +upstream tarball. + +Implements the rules print-version and get-orig-source commonly used +for group-maintained packages with Debian-specific patches maintained in +SVN or some other VCS, and automated fetching virgin upstream tarball +(possibly massaged after download e.g. to strip non-DFSG material). + + + +Support for custom BTS info +--------------------------- + +Include BTS control info found in debian/*.bts files, or alternatively +redirect bug reports to the email address defined in DEB_BTS_EMAIL. + + + +New dict class +-------------- + +Rules for packaging ispell, aspell, myspell and wordlist dictionaries. --- libgd2-2.0.35.dfsg.orig/debian/libgd-tools.install +++ libgd2-2.0.35.dfsg/debian/libgd-tools.install @@ -0,0 +1,9 @@ +debian/tmp-libgd2-noxpm/usr/bin/annotate /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/bdftogd /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/gd2copypal /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/gd2topng /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/gdparttopng /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/gdtopng /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/pngtogd /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/pngtogd2 /usr/bin +debian/tmp-libgd2-noxpm/usr/bin/webpng /usr/bin --- libgd2-2.0.35.dfsg.orig/debian/libgd2-xpm-dev.manpages +++ libgd2-2.0.35.dfsg/debian/libgd2-xpm-dev.manpages @@ -0,0 +1 @@ +debian/gdlib-config.1 --- libgd2-2.0.35.dfsg.orig/debian/doc_cleaner.pl +++ libgd2-2.0.35.dfsg/debian/doc_cleaner.pl @@ -0,0 +1,40 @@ +#!/usr/bin/perl + +# These corrections makes index.html from the libgd 2.0.11 source +# pass the weblint check. + +my @lines=<>; +my $text = join "", @lines; + +# must contain all or none of the parameters +$text =~ s|<(body)[^>]*>|<$1>|i; + +# is of higher order than +$text =~ s|(]*)?>)|$2$1|gis; +$text =~ s|()([^<]*)|$2$1|gi; + +# requires closing +$text =~ s|(][^<]*<(a)\s[^<]*)()|$1$3|gis; +$text =~ s|(
<(a)\sname=[^<]+?()?([^<]*$4$7|gis; + +# cannot be nested +$text =~ s|([^<]*\)[^<]*)()|$1$3$2|gis; + +# HREF parameter of must be quoted +$text =~ s|href=([^"][^\s">]*)|href="$1"|gi; + +# <> not defining a tag must be escaped +$text =~ s|<([^\s"@<>]+\@[^\s"@<>]+)>|<$1>|g; +$text =~ s|(\s)<(\s)|$1<$2|g; +$text =~ s|([^-]-)>|$1>|g; +$text =~ s||<xxx>|; + +# Correct typos... +$text =~ s|(void gdImageJpegCtx[^<]*)|$1|; +$text =~ s|\n(
)|$1|; +$text =~ s|
\n(
)|$1gdImageAlpha$2|; +$text =~ s|(int gdImageBlue[^<]*)|
$1|; +$text =~ s|VALIGN="TOP >|VALIGN="TOP">|g; +$text =~ s|(

\n

)|\n$1|gis; + +print $text; --- libgd2-2.0.35.dfsg.orig/debian/control.in +++ libgd2-2.0.35.dfsg/debian/control.in @@ -0,0 +1,99 @@ +Source: libgd2 +Section: graphics +Priority: optional +Maintainer: GD team +Uploaders: Jonas Smedegaard , Sean Finney +Build-Depends: @cdbs@ +XS-Vcs-Svn: svn://svn.debian.org/svn/pkg-gd/libgd2/trunk +XS-Vcs-Browser: http://svn.debian.org/wsvn/pkg-gd/libgd2/trunk +Standards-Version: 3.7.2 + +Package: libgd-tools +Architecture: any +Depends: ${shlibs:Depends}, ${perl:Depends} +Suggests: libgd2-noxpm-dev | libgd2-xpm-dev +Description: GD command line tools and example code + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is some simple command line tools and example code that use the GD + graphics library. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-xpm-dev +Architecture: any +Section: libdevel +Depends: libgd2-xpm (= ${binary:Version}), ${devlibs:Depends} +Conflicts: libgd-dev, libgd-noxpm-dev, libgd-xpm-dev, libgd2-noxpm-dev +Provides: libgd-dev +Description: GD Graphics Library version 2 (development version) + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the full development version of the library, built with XPM + (X pixmap) and fontconfig support. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-noxpm-dev +Architecture: any +Section: libdevel +Depends: libgd2-noxpm (= ${binary:Version}), ${devlibs:Depends} +Conflicts: libgd-dev, libgd-noxpm-dev, libgd-xpm-dev, libgd2-xpm-dev +Provides: libgd-dev +Description: GD Graphics Library version 2 (development version) + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the full development version of the library, built without XPM + (X pixmap) or fontconfig support. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-xpm +Architecture: any +Section: libs +Depends: ${shlibs:Depends} +Conflicts: libgd2, libgd2-noxpm +Provides: libgd2 +Suggests: libgd-tools +Description: GD Graphics Library version 2 + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the runtime package of the library, built with XPM (X pixmap) + and fontconfig support. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-noxpm +Architecture: any +Section: libs +Depends: ${shlibs:Depends} +Conflicts: libgd2, libgd2-xpm +Provides: libgd2 +Suggests: libgd-tools +Description: GD Graphics Library version 2 (without XPM support) + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the runtime package of the library, built without XPM (X pixmap) + or fontconfig support. + . + Homepage: http://www.libgd.org/ --- libgd2-2.0.35.dfsg.orig/debian/control +++ libgd2-2.0.35.dfsg/debian/control @@ -0,0 +1,100 @@ +Source: libgd2 +Section: graphics +Priority: optional +Maintainer: Ubuntu Core Developers +XSBC-Original-Maintainer: GD team +Uploaders: Jonas Smedegaard , Sean Finney +Build-Depends: autotools-dev, cdbs (>= 0.4.39), quilt, patchutils (>= 0.2.25), dh-buildinfo, debhelper (>= 4.2.0), libpng12-dev, libz-dev, libjpeg62-dev, libfreetype6-dev, libxpm-dev, libx11-dev, libxt-dev, libfontconfig-dev, d-shlibs (>= 0.30) +XS-Vcs-Svn: svn://svn.debian.org/svn/pkg-gd/libgd2/trunk +XS-Vcs-Browser: http://svn.debian.org/wsvn/pkg-gd/libgd2/trunk +Standards-Version: 3.7.2 + +Package: libgd-tools +Architecture: any +Depends: ${shlibs:Depends}, ${perl:Depends} +Suggests: libgd2-noxpm-dev | libgd2-xpm-dev +Description: GD command line tools and example code + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is some simple command line tools and example code that use the GD + graphics library. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-xpm-dev +Architecture: any +Section: libdevel +Depends: libgd2-xpm (= ${binary:Version}), ${devlibs:Depends} +Conflicts: libgd-dev, libgd-noxpm-dev, libgd-xpm-dev, libgd2-noxpm-dev +Provides: libgd-dev +Description: GD Graphics Library version 2 (development version) + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the full development version of the library, built with XPM + (X pixmap) and fontconfig support. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-noxpm-dev +Architecture: any +Section: libdevel +Depends: libgd2-noxpm (= ${binary:Version}), ${devlibs:Depends} +Conflicts: libgd-dev, libgd-noxpm-dev, libgd-xpm-dev, libgd2-xpm-dev +Provides: libgd-dev +Description: GD Graphics Library version 2 (development version) + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the full development version of the library, built without XPM + (X pixmap) or fontconfig support. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-xpm +Architecture: any +Section: libs +Depends: ${shlibs:Depends} +Conflicts: libgd2, libgd2-noxpm +Provides: libgd2 +Suggests: libgd-tools +Description: GD Graphics Library version 2 + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the runtime package of the library, built with XPM (X pixmap) + and fontconfig support. + . + Homepage: http://www.libgd.org/ + +Package: libgd2-noxpm +Architecture: any +Section: libs +Depends: ${shlibs:Depends} +Conflicts: libgd2, libgd2-xpm +Provides: libgd2 +Suggests: libgd-tools +Description: GD Graphics Library version 2 (without XPM support) + GD is a graphics library. It allows your code to quickly draw images + complete with lines, arcs, text, multiple colours, cut and paste from + other images, flood fills, and write out the result as a PNG file. + This is particularly useful in World Wide Web applications, where PNG is + one of the formats accepted for inline images by most browsers. + . + This is the runtime package of the library, built without XPM (X pixmap) + or fontconfig support. + . + Homepage: http://www.libgd.org/ --- libgd2-2.0.35.dfsg.orig/debian/patches/series +++ libgd2-2.0.35.dfsg/debian/patches/series @@ -0,0 +1,3 @@ +0001_cvs20070904.patch +0002_cvs20070916.patch +9000_security_CVE-2009-3546.patch --- libgd2-2.0.35.dfsg.orig/debian/patches/0001_cvs20070904.patch +++ libgd2-2.0.35.dfsg/debian/patches/0001_cvs20070904.patch @@ -0,0 +1,259 @@ +diff -ruNp gd-2.0.35/gd.c libgd20/gd.c +--- gd-2.0.35/gd.c 2007-06-19 22:25:51.000000000 +0200 ++++ libgd20/gd.c 2007-09-01 14:34:59.000000000 +0200 +@@ -1,4 +1,4 @@ +-/* $Id: gd.c,v 1.49.2.16 2007/06/19 20:25:51 pajoye Exp $ */ ++/* $Id: gd.c,v 1.49.2.22 2007/09/01 12:34:59 mattias Exp $ */ + #ifdef HAVE_CONFIG_H + #include "config.h" + #endif +@@ -589,7 +589,7 @@ BGD_DECLARE(int) gdImageColorResolveAlph + + BGD_DECLARE(void) gdImageColorDeallocate (gdImagePtr im, int color) + { +- if (im->trueColor) ++ if (im->trueColor || (color >= gdMaxColors) || (color < 0)) + { + return; + } +@@ -1955,6 +1955,14 @@ BGD_DECLARE(void) gdImageFill(gdImagePtr + goto done; + } + ++ if(overflow2(im->sy, im->sx)) { ++ return; ++ } ++ ++ if(overflow2(sizeof(struct seg), ((im->sy * im->sx) / 4))) { ++ return; ++ } ++ + stack = (struct seg *)gdMalloc(sizeof(struct seg) * ((int)(im->sy*im->sx)/4)); + if (!stack) { + return; +@@ -2020,6 +2028,26 @@ void _gdImageFillTiled(gdImagePtr im, in + wx2=im->sx;wy2=im->sy; + tiled = nc==gdTiled; + ++ if(overflow2(sizeof(int *), im->sy)) { ++ return; ++ } ++ ++ if(overflow2((sizeof(int *) * im->sy), sizeof(int))) { ++ return; ++ } ++ ++ if(overflow2(im->sx, sizeof(int))) { ++ return; ++ } ++ ++ if(overflow2(im->sy, im->sx)) { ++ return; ++ } ++ ++ if(overflow2(sizeof(struct seg), ((im->sy * im->sx) / 4))) { ++ return; ++ } ++ + nc = gdImageTileGet(im,x,y); + pts = (int **) gdCalloc(sizeof(int *) * im->sy, sizeof(int)); + if (!pts) { +@@ -2103,6 +2131,12 @@ BGD_DECLARE(void) gdImageRectangle (gdIm + int half1 = 1; + int t; + ++ ++ if (x1 == x2 && y1 == y2 && thick == 1) { ++ gdImageSetPixel(im, x1, y1, color); ++ return; ++ } ++ + if (y2 < y1) { + t=y1; + y1 = y2; +@@ -2117,6 +2151,7 @@ BGD_DECLARE(void) gdImageRectangle (gdIm + if (thick > 1) { + int cx, cy, x1ul, y1ul, x2lr, y2lr; + int half = thick >> 1; ++ + half1 = thick - half; + x1ul = x1 - half; + y1ul = y1 - half; +@@ -3480,14 +3515,22 @@ static void gdImageAALine (gdImagePtr im + gdImageLine(im, x1, y1, x2, y2, col); + return; + } +- /* TBB: use the clipping rectangle */ +- if (clip_1d (&x1, &y1, &x2, &y2, im->cx1, im->cx2) == 0) +- return; +- if (clip_1d (&y1, &x1, &y2, &x2, im->cy1, im->cy2) == 0) +- return; ++ ++ /* TBB: use the clipping rectangle */ ++ if (clip_1d (&x1, &y1, &x2, &y2, im->cx1, im->cx2) == 0) ++ return; ++ if (clip_1d (&y1, &x1, &y2, &x2, im->cy1, im->cy2) == 0) ++ return; ++ + dx = x2 - x1; + dy = y2 - y1; + ++ if (dx == 0 && dy == 0) { ++ /* TBB: allow setting points */ ++ gdImageSetAAPixelColor(im, x1, y1, col, 0xFF); ++ return; ++ } ++ + /* Axis aligned lines */ + if (dx == 0) { + gdImageVLine(im, x1, y1, y2, col); +@@ -3497,11 +3540,6 @@ static void gdImageAALine (gdImagePtr im + return; + } + +- if (dx == 0 && dy == 0) { +- /* TBB: allow setting points */ +- gdImageSetAAPixelColor(im, x1, y1, col, 0xFF); +- return; +- } + if (abs(dx) > abs(dy)) { + if (dx < 0) { + tmp = x1; +diff -ruNp gd-2.0.35/gd_gd2.c libgd20/gd_gd2.c +--- gd-2.0.35/gd_gd2.c 2007-01-04 13:40:48.000000000 +0100 ++++ libgd20/gd_gd2.c 2007-08-07 21:50:39.000000000 +0200 +@@ -293,6 +293,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromGd2Ctx (in); + in->gd_free (in); + return im; +@@ -503,6 +505,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromGd2PartCtx (in, srcx, srcy, w, h); + in->gd_free (in); + return im; +diff -ruNp gd-2.0.35/gd_gd.c libgd20/gd_gd.c +--- gd-2.0.35/gd_gd.c 2006-04-05 17:52:22.000000000 +0200 ++++ libgd20/gd_gd.c 2007-08-07 21:50:39.000000000 +0200 +@@ -149,6 +149,10 @@ _gdCreateFromFile (gdIOCtx * in, int *sx + { + im = gdImageCreate (*sx, *sy); + } ++ if (!im) ++ { ++ goto fail1; ++ } + if (!_gdGetColors (in, im, gd2xFlag)) + { + goto fail2; +@@ -178,6 +182,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromGdCtx (in); + in->gd_free (in); + return im; +diff -ruNp gd-2.0.35/gd_gif_in.c libgd20/gd_gif_in.c +--- gd-2.0.35/gd_gif_in.c 2007-06-14 21:51:41.000000000 +0200 ++++ libgd20/gd_gif_in.c 2007-08-07 21:54:24.000000000 +0200 +@@ -110,6 +110,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromGifCtx (in); + in->gd_free (in); + return im; +diff -ruNp gd-2.0.35/gd.h libgd20/gd.h +--- gd-2.0.35/gd.h 2007-05-06 22:38:20.000000000 +0200 ++++ libgd20/gd.h 2007-06-26 14:09:13.000000000 +0200 +@@ -135,7 +135,7 @@ extern "C" + based on the alpha channel value of the source color. + The resulting color is opaque. */ + +- BGD_DECLARE(int) gdAlphaBlend (int dest, int src); ++BGD_DECLARE(int) gdAlphaBlend (int dest, int src); + + typedef struct gdImageStruct + { +@@ -377,7 +377,8 @@ BGD_DECLARE(void) gdImageStringUp16 (gdI + BGD_DECLARE(int) gdFontCacheSetup (void); + + /* Optional: clean up after application is done using fonts in +-BGD_DECLARE( ) gdImageStringFT(). */ ++BGD_DECLARE( ) ++ gdImageStringFT(). */ + BGD_DECLARE(void) gdFontCacheShutdown (void); + /* 2.0.20: for backwards compatibility. A few applications did start calling + this function when it first appeared although it was never documented. +diff -ruNp gd-2.0.35/gd_jpeg.c libgd20/gd_jpeg.c +--- gd-2.0.35/gd_jpeg.c 2006-04-05 22:46:15.000000000 +0200 ++++ libgd20/gd_jpeg.c 2007-08-07 21:50:39.000000000 +0200 +@@ -275,6 +275,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromJpegCtx (in); + in->gd_free (in); + return im; +diff -ruNp gd-2.0.35/gd_png.c libgd20/gd_png.c +--- gd-2.0.35/gd_png.c 2007-06-14 21:51:41.000000000 +0200 ++++ libgd20/gd_png.c 2007-08-07 21:50:39.000000000 +0200 +@@ -1,4 +1,4 @@ +-/* $Id: gd_png.c,v 1.21.2.2 2007/05/17 14:38:24 pajoye Exp $ */ ++/* $Id: gd_png.c,v 1.21.2.3 2007/08/07 19:50:39 mattias Exp $ */ + #ifdef HAVE_CONFIG_H + #include "config.h" + #endif +@@ -112,6 +112,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromPngCtx (in); + in->gd_free (in); + return im; +diff -ruNp gd-2.0.35/gd_security.c libgd20/gd_security.c +--- gd-2.0.35/gd_security.c 2006-04-05 17:54:20.000000000 +0200 ++++ libgd20/gd_security.c 2007-08-08 17:18:46.000000000 +0200 +@@ -19,12 +19,10 @@ + + int overflow2(int a, int b) + { +- if(a < 0 || b < 0) { +- fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n"); ++ if(a <= 0 || b <= 0) { ++ fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative or zero, failing operation gracefully\n"); + return 1; + } +- if(b == 0) +- return 0; + if(a > INT_MAX / b) { + fprintf(stderr, "gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n"); + return 1; +diff -ruNp gd-2.0.35/gd_wbmp.c libgd20/gd_wbmp.c +--- gd-2.0.35/gd_wbmp.c 2006-04-05 17:54:20.000000000 +0200 ++++ libgd20/gd_wbmp.c 2007-08-07 21:50:39.000000000 +0200 +@@ -198,6 +198,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro + { + gdImagePtr im; + gdIOCtx *in = gdNewDynamicCtxEx (size, data, 0); ++ if(!in) ++ return 0; + im = gdImageCreateFromWBMPCtx (in); + in->gd_free (in); + return im; --- libgd2-2.0.35.dfsg.orig/debian/patches/9000_security_CVE-2009-3546.patch +++ libgd2-2.0.35.dfsg/debian/patches/9000_security_CVE-2009-3546.patch @@ -0,0 +1,20 @@ +# +# Description: fix denial of service and possible code execution via GD +# file with large number of colors +# Patch: http://svn.php.net/viewvc?view=revision&revision=289557 +# Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552534 +# +diff -Nur libgd2-2.0.35.dfsg/gd_gd.c libgd2-2.0.35.dfsg.new/gd_gd.c +--- libgd2-2.0.35.dfsg/gd_gd.c 2009-11-04 09:41:16.000000000 -0500 ++++ libgd2-2.0.35.dfsg.new/gd_gd.c 2009-11-04 09:41:42.000000000 -0500 +@@ -44,6 +44,10 @@ + { + goto fail1; + } ++ if (im->colorsTotal > gdMaxColors) ++ { ++ goto fail1; ++ } + } + /* Int to accommodate truecolor single-color transparency */ + if (!gdGetInt (&im->transparent, in)) --- libgd2-2.0.35.dfsg.orig/debian/patches/README +++ libgd2-2.0.35.dfsg/debian/patches/README @@ -0,0 +1,3 @@ +0xxx: Grabbed from upstream development. +1xxx: Possibly relevant for upstream adoption. +2xxx: Only relevant for official Debian release. --- libgd2-2.0.35.dfsg.orig/debian/patches/0002_cvs20070916.patch +++ libgd2-2.0.35.dfsg/debian/patches/0002_cvs20070916.patch @@ -0,0 +1,13 @@ +diff -ruNp libgd20.old/gd.c libgd20/gd.c +--- libgd20.old/gd.c 2007-09-01 14:34:59.000000000 +0200 ++++ libgd20/gd.c 2007-09-16 21:48:21.000000000 +0200 +@@ -601,6 +601,9 @@ BGD_DECLARE(void) gdImageColorTransparen + { + if (!im->trueColor) + { ++ if((color < -1) || (color >= gdMaxColors)) { ++ return; ++ } + if (im->transparent != -1) + { + im->alpha[im->transparent] = gdAlphaOpaque; --- libgd2-2.0.35.dfsg.orig/debian/cdbs/1/rules/buildcore.mk +++ libgd2-2.0.35.dfsg/debian/cdbs/1/rules/buildcore.mk @@ -0,0 +1,30 @@ +# -*- mode: makefile; coding: utf-8 -*- +# Copyright © 2006 Jonas Smedegaard +# Description: Check for cdbs-autoupdate in DEB_BUILD_OPTIONS +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2, or (at +# your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +# 02111-1307 USA. + +_cdbs_scripts_path ?= /usr/lib/cdbs +_cdbs_rules_path ?= /usr/share/cdbs/1/rules +_cdbs_class_path ?= /usr/share/cdbs/1/class + +include $(_cdbs_rules_path)/buildvars.mk$(_cdbs_makefile_suffix) + +ifneq (,$(findstring cdbs-autoupdate,$(DEB_BUILD_OPTIONS))) +DEB_AUTO_UPDATE_DEBIAN_CONTROL = yes +endif + +include $(_cdbs_rules_path)/buildcore.mk$(_cdbs_makefile_suffix) --- libgd2-2.0.35.dfsg.orig/debian/cdbs/1/rules/copyright-check.mk +++ libgd2-2.0.35.dfsg/debian/cdbs/1/rules/copyright-check.mk @@ -0,0 +1,69 @@ +# -*- mode: makefile; coding: utf-8 -*- +# Copyright © 2005-2007 Jonas Smedegaard +# Description: Check for changes to copyright notices in source +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2, or (at +# your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +# 02111-1307 USA. + +# TODO: Save scan as "file: match" (needs rewrite of main loop in perl) + +# TODO: Save scan as "file (license): match" (needs /usr/bin/licensecheck from kdesdk-scripts) + +_cdbs_scripts_path ?= /usr/lib/cdbs +_cdbs_rules_path ?= /usr/share/cdbs/1/rules +_cdbs_class_path ?= /usr/share/cdbs/1/class + +ifndef _cdbs_rules_copyright-check +_cdbs_rules_copyright-check := 1 + +include $(_cdbs_rules_path)/buildcore.mk$(_cdbs_makefile_suffix) + +cdbs_copyright-check_find_opts := -not -regex 'debian/.*' -not -regex '\(.*/\)?config\.\(guess\|sub\|rpath\)\(\..*\)?' +cdbs_copyright-check_egrep_opts := --text -rih '(copyright|\(c\) ).*[0-9]{4}' + +pre-build:: debian/stamp-copyright-check + +debian/stamp-copyright-check: + @echo 'Scanning upstream source for new/changed copyright notices (except debian subdir!)...' + find * -type f $(cdbs_copyright-check_find_opts) -exec cat '{}' ';' \ + | tr '\r' '\n' \ + | LC_ALL=C sed -e 's/[^[:print:]]//g' \ + | egrep $(cdbs_copyright-check_egrep_opts) \ + | sed -e 's/^[[:space:]*#]*//' -e 's/[[:space:]]*$$//' \ + | LC_ALL=C sort -u \ + > debian/copyright_newhints + @if [ ! -f debian/copyright_hints ]; then touch debian/copyright_hints; fi + @newstrings=`diff -u debian/copyright_hints debian/copyright_newhints | sed '1,2d' | egrep '^\+' | sed 's/^\+//'`; \ + if [ -n "$$newstrings" ]; then \ + echo "Error: The following new or changed copyright notices discovered:"; \ + echo "$$newstrings"; \ + echo "Trying to locate the files containing the new/changed copyright notices..."; \ + echo "(Strings part of binary data you need to resolve yourself)"; \ + find * -type f $(cdbs_copyright-check_find_opts) -exec grep -F -l -e "$$newstrings" '{}' ';'; \ + echo; \ + echo "To fix the situation please do the following:"; \ + echo " 1) Investigate the above changes and update debian/copyright as needed"; \ + echo " 2) Replace debian/copyright_hints with debian/copyright_newhints"; \ + exit 1; \ + fi + + @echo 'No new copyright notices found - assuming no news is good news...' + rm -f debian/copyright_newhints + touch $@ + +clean:: + rm -f debian/stamp-copyright-check + +endif --- libgd2-2.0.35.dfsg.orig/debian/cdbs/1/rules/upstream-tarball.mk +++ libgd2-2.0.35.dfsg/debian/cdbs/1/rules/upstream-tarball.mk @@ -0,0 +1,116 @@ +# -*- mode: makefile; coding: utf-8 -*- +# Copyright © 2007 Jonas Smedegaard +# Description: Convenience rules for dealing with upstream tarballs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2, or (at +# your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +# 02111-1307 USA. + +_cdbs_scripts_path ?= /usr/lib/cdbs +_cdbs_rules_path ?= /usr/share/cdbs/1/rules +_cdbs_class_path ?= /usr/share/cdbs/1/class + +ifndef _cdbs_rules_upstream_tarball +_cdbs_rules_upstream_tarball := 1 + +include $(_cdbs_rules_path)/buildvars.mk$(_cdbs_makefile_suffix) + +CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), cdbs (>= 0.4.39) + +# Prefix for upstream location of all upstream tarballs (mandatory!) +#DEB_UPSTREAM_URL = +DEB_UPSTREAM_PACKAGE = $(DEB_SOURCE_PACKAGE) +DEB_UPSTREAM_TARBALL_VERSION = $(if $(strip $(DEB_UPSTREAM_REPACKAGE_EXCLUDE)),$(DEB_UPSTREAM_VERSION:$(DEB_UPSTREAM_REPACKAGE_DELIMITER)$(DEB_UPSTREAM_REPACKAGE_TAG)=),$(DEB_UPSTREAM_VERSION)) +DEB_UPSTREAM_TARBALL_BASENAME = $(DEB_UPSTREAM_PACKAGE)-$(DEB_UPSTREAM_TARBALL_VERSION) +DEB_UPSTREAM_TARBALL_EXTENSION = tar.gz +# Checksum to ensure integrity of downloadeds using get-orig-source (optional) +#DEB_UPSTREAM_TARBALL_MD5 = + +DEB_UPSTREAM_WORKDIR = ../tarballs + +# Base directory within tarball +DEB_UPSTREAM_TARBALL_SRCDIR = $(DEB_UPSTREAM_PACKAGE)-$(DEB_UPSTREAM_TARBALL_VERSION) + +# Space-delimited list of directories and files to strip (optional) +#DEB_UPSTREAM_REPACKAGE_EXCLUDE = CVS .cvsignore doc/rfc*.txt doc/draft*.txt +DEB_UPSTREAM_REPACKAGE_TAG = dfsg +DEB_UPSTREAM_REPACKAGE_DELIMITER = . + +cdbs_upstream_tarball = $(DEB_UPSTREAM_TARBALL_BASENAME).$(DEB_UPSTREAM_TARBALL_EXTENSION) +cdbs_upstream_local_tarball = $(DEB_SOURCE_PACKAGE)_$(DEB_UPSTREAM_TARBALL_VERSION).orig.$(if $(findstring $(DEB_UPSTREAM_TARBALL_EXTENSION),tgz),tar.gz,$(DEB_UPSTREAM_TARBALL_EXTENSION)) +cdbs_upstream_repackaged_tarball = $(DEB_SOURCE_PACKAGE)_$(DEB_UPSTREAM_TARBALL_VERSION)$(DEB_UPSTREAM_REPACKAGE_DELIMITER)$(DEB_UPSTREAM_REPACKAGE_TAG).orig.tar.gz +cdbs_upstream_uncompressed_tarball = $(DEB_SOURCE_PACKAGE)_$(DEB_UPSTREAM_TARBALL_VERSION).orig.tar + +# # These variables are deprecated +_cdbs_deprecated_vars += DEB_UPSTREAM_TARBALL DEB_UPSTREAM_LOCAL_TARBALL DEB_UPSTREAM_REPACKAGE_TARBALL +_cdbs_deprecated_vars += DEB_UPSTREAM_REPACKAGE_EXCLUDES +DEB_UPSTREAM_REPACKAGE_EXCLUDE += $(DEB_UPSTREAM_REPACKAGE_EXCLUDES) + +print-version: + @@echo "Debian version: $(DEB_VERSION)" + @@echo "Upstream version: $(DEB_UPSTREAM_TARBALL_VERSION)" + +get-orig-source: + @@dh_testdir + @@mkdir -p "$(DEB_UPSTREAM_WORKDIR)" + + @if [ ! -s "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" ] ; then \ + if [ -f "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" ] ; then \ + rm "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" ; \ + fi ; \ + echo "Downloading $(cdbs_upstream_local_tarball) from $(DEB_UPSTREAM_URL)/$(cdbs_upstream_tarball) ..." ; \ + wget -N -nv -T10 -t3 -O "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" "$(DEB_UPSTREAM_URL)/$(cdbs_upstream_tarball)" ; \ + else \ + echo "Upstream source tarball have been already downloaded: $(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" ; \ + fi + + @md5current=`md5sum "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" | sed -e 's/ .*//'`; \ + if [ -n "$(DEB_UPSTREAM_TARBALL_MD5)" ] ; then \ + if [ "$$md5current" != "$(DEB_UPSTREAM_TARBALL_MD5)" ] ; then \ + echo "Expecting upstream tarball md5sum $(DEB_UPSTREAM_TARBALL_MD5), but $$md5current found" ; \ + echo "Upstream tarball md5sum is NOT trusted! Possible upstream tarball forge!" ; \ + echo "Purging downloaded file. Try new download." ; \ + rm -f "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" ; \ + false ; \ + else \ + echo "Upstream tarball is trusted!" ; \ + fi; \ + else \ + echo "Upstream tarball NOT trusted (current md5sum is $$md5current)!" ; \ + fi + + @case "$(cdbs_upstream_local_tarball)" in \ + *.tar.gz) unpack="gunzip -c";; \ + *.tar.bz2) unpack="bunzip2 -c"; uncompress="bunzip2";; \ + *.tar.Z) unpack="uncompress -c"; uncompress="uncompress";; \ + *.tar) unpack="cat"; uncompress="true";; \ + *) echo "Unknown extension for upstream tarball $(cdbs_upstream_local_tarball)"; false;; \ + esac && \ + if [ -n "$(strip $(DEB_UPSTREAM_REPACKAGE_EXCLUDE))" ]; then \ + echo "Repackaging tarball ..." && \ + mkdir -p "$(DEB_UPSTREAM_WORKDIR)/$(DEB_UPSTREAM_REPACKAGE_TAG)" && \ + $$unpack "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)" \ + | tar -x -C "$(DEB_UPSTREAM_WORKDIR)/$(DEB_UPSTREAM_REPACKAGE_TAG)" $(patsubst %,--exclude='%',$(DEB_UPSTREAM_REPACKAGE_EXCLUDE)) && \ + GZIP=-9 tar -b1 -czf "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_repackaged_tarball)" -C "$(DEB_UPSTREAM_WORKDIR)/$(DEB_UPSTREAM_REPACKAGE_TAG)" $(DEB_UPSTREAM_TARBALL_SRCDIR) && \ + echo "Cleaning up" && \ + rm -rf "$(DEB_UPSTREAM_WORKDIR)/$(DEB_UPSTREAM_REPACKAGE_TAG)"; \ + elif [ -n "$$uncompress" ]; then \ + echo "Recompressing tarball ..." && \ + $$uncompress "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_local_tarball)"; \ + bzip -9 "$(DEB_UPSTREAM_WORKDIR)/$(cdbs_upstream_uncompressed_tarball)"; \ + fi + +DEB_PHONY_RULES += print-version get-orig-source + +endif --- libgd2-2.0.35.dfsg.orig/debian/cdbs/1/rules/buildinfo.mk +++ libgd2-2.0.35.dfsg/debian/cdbs/1/rules/buildinfo.mk @@ -0,0 +1,40 @@ +# -*- mode: makefile; coding: utf-8 -*- +# Copyright © 2004-2006 Jonas Smedegaard +# Description: Generate and include build information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2, or (at +# your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +# 02111-1307 USA. + +_cdbs_scripts_path ?= /usr/lib/cdbs +_cdbs_rules_path ?= /usr/share/cdbs/1/rules +_cdbs_class_path ?= /usr/share/cdbs/1/class + +ifndef _cdbs_rules_buildinfo +_cdbs_rules_buildinfo = 1 + +include $(_cdbs_rules_path)/buildcore.mk$(_cdbs_makefile_suffix) + +CDBS_BUILD_DEPENDS := $(CDBS_BUILD_DEPENDS), dh-buildinfo + +common-install-arch common-install-indep:: debian/stamp-buildinfo + +debian/stamp-buildinfo: + dh_buildinfo + touch debian/stamp-buildinfo + +clean:: + rm -f debian/stamp-buildinfo + +endif --- libgd2-2.0.35.dfsg.orig/debian/libgd-tools.manpages +++ libgd2-2.0.35.dfsg/debian/libgd-tools.manpages @@ -0,0 +1 @@ +debian/libgd-tools.1 --- libgd2-2.0.35.dfsg.orig/debian/libgd-tools.links +++ libgd2-2.0.35.dfsg/debian/libgd-tools.links @@ -0,0 +1,9 @@ +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/annotate.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/bdftogd.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/pngtogd.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/pngtogd2.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/gdtopng.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/gd2topng.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/gd2copypal.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/gdparttopng.1.gz +/usr/share/man/man1/libgd-tools.1.gz /usr/share/man/man1/webpng.1.gz --- libgd2-2.0.35.dfsg.orig/debian/libgd-tools.1 +++ libgd2-2.0.35.dfsg/debian/libgd-tools.1 @@ -0,0 +1,40 @@ +.TH LIBGD-TOOLS 1 "13 July 2002" +.SH NAME +libgd-tools \- programs to convert between gd and other graphics formats +.SH SYNOPSIS +.B libgd-tools +.RI [ options ] " files" ... +.br +.B bar +.RI [ options ] " files" ... +.SH DESCRIPTION +This manual page documents briefly the +.B annotate +, +.B bdftogd +, +.B pngtogd +, +.B pngtogd2 +, +.B gdtopng +, +.B gd2topng +, +.B gd2copypal +, +.B gdparttopng +and +.B webpng +commands, which are all distributed as part of the gd library. +This manual page was written for the Debian distribution +because the original program does not have a manual page. +.PP +.B libgd-tools +are programs that convert between gd and other graphics formats. +.SH OPTIONS +These programs usually takes two options: input file and output file. +If in doubt, simply run the program with no options for a tiny help. +.SH AUTHOR +This manual page was written by Jonas Smedegaard , +for the Debian GNU/Linux system (but may be used by others). --- libgd2-2.0.35.dfsg.orig/debian/compat +++ libgd2-2.0.35.dfsg/debian/compat @@ -0,0 +1 @@ +4 --- libgd2-2.0.35.dfsg.orig/debian/libgd2-xpm-dev.examples +++ libgd2-2.0.35.dfsg/debian/libgd2-xpm-dev.examples @@ -0,0 +1,7 @@ +demoin.png +gdtest.c +gdtestft.c +gddemo.c +gd2time.c +testac.c +test/* --- libgd2-2.0.35.dfsg.orig/debian/libgd2-noxpm-dev.manpages +++ libgd2-2.0.35.dfsg/debian/libgd2-noxpm-dev.manpages @@ -0,0 +1 @@ +debian/gdlib-config.1 --- libgd2-2.0.35.dfsg.orig/debian/libgd2-dev.substvars +++ libgd2-2.0.35.dfsg/debian/libgd2-dev.substvars @@ -0,0 +1 @@ +devlibs:Depends=libc6-dev, libfontconfig1-dev, libfreetype6-dev, libjpeg62-dev, libpng12-0-dev, libx11-dev | xlibs-dev (<< 4.3.0), libxpm-dev | xlibs-dev (<< 4.3.0), zlib1g-dev --- libgd2-2.0.35.dfsg.orig/debian/watch +++ libgd2-2.0.35.dfsg/debian/watch @@ -0,0 +1,3 @@ +# run the "uscan" command to check for upstream updates and more. +version=3 +http://www.libgd.org/releases/gd-(2\.[\.0-9]+).tar.gz debian uupdate --- libgd2-2.0.35.dfsg.orig/debian/libgd2-noxpm-dev.examples +++ libgd2-2.0.35.dfsg/debian/libgd2-noxpm-dev.examples @@ -0,0 +1,7 @@ +demoin.png +gdtest.c +gdtestft.c +gddemo.c +gd2time.c +testac.c +test/*