Format: 1.8 Date: Tue, 28 Feb 2017 09:47:34 -0500 Source: libgd2 Binary: libgd-tools libgd-dev libgd3 libgd-dbg Architecture: amd64 Version: 2.2.1-1ubuntu3.3 Distribution: yakkety Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libgd-dbg - Debug symbols for GD Graphics Library libgd-dev - GD Graphics Library (development version) libgd-tools - GD command line tools and example code libgd3 - GD Graphics Library Changes: libgd2 (2.2.1-1ubuntu3.3) yakkety-security; urgency=medium . * SECURITY UPDATE: potential unsigned underflow - debian/patches/CVE-2016-10166.patch: refactor loop in src/gd_interpolation.c. - CVE-2016-10166 * SECURITY UPDATE: DoS vulnerability in gdImageCreateFromGd2Ctx() - debian/patches/CVE-2016-10167.patch: properly fail in src/gd_gd2.c. - CVE-2016-10167 * SECURITY UPDATE: signed integer overflow in gd_io.c - debian/patches/CVE-2016-10168.patch: check counts in src/gd_gd2.c. - CVE-2016-10168 * SECURITY UPDATE: OOB reads of the TGA decompression buffer - debian/patches/CVE-2016-6906-pre1.patch: fix coverty warning in src/gd_tga.c. - debian/patches/CVE-2016-6906-pre2.patch: fix TGA RLE decoding in src/gd_tga.c. - debian/patches/CVE-2016-6906-1.patch: check for overflow in src/gd_tga.c. - debian/patches/CVE-2016-6906-2.patch: add another overflow check in src/gd_tga.c. - CVE-2016-6906 * SECURITY UPDATE: double-free in gdImageWebPtr() - debian/patches/CVE-2016-6912.patch: add helper function to indicate failure in src/gd_webp.c. - CVE-2016-6912 * SECURITY UPDATE: DoS via oversized image - debian/patches/CVE-2016-9317.patch: check for oversized images in src/gd.c. - CVE-2016-9317 * SECURITY UPDATE: DoS via stack consumption - debian/patches/CVE-2016-9933.patch: check for invalid colors in src/gd.c. - CVE-2016-9933 Checksums-Sha1: d9af0ea45b827a1b61f9800b9e7e7e24519c6815 299468 libgd-dbg_2.2.1-1ubuntu3.3_amd64.deb 4ce4a50a3e1f5c3c7a5d7fe7fa267581252908de 1032 libgd-dev-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb e499f61c464d1d78caae1fbf2be53817fba569f1 247628 libgd-dev_2.2.1-1ubuntu3.3_amd64.deb d394ee6b5b69173e8292f127730b75303464d0a0 1040 libgd-tools-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb 4350075592d8933c44679d1581f8ef13c98851a3 18016 libgd-tools_2.2.1-1ubuntu3.3_amd64.deb de175407114784487d26251765600ea64fc888c4 1026 libgd3-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb bbc8dd5d2cc5e8377a94a37fd04c907259885dc5 119718 libgd3_2.2.1-1ubuntu3.3_amd64.deb Checksums-Sha256: c4dedc08782b843ab119f300f6877f790a0462ece6d2348e49f56a6419a18355 299468 libgd-dbg_2.2.1-1ubuntu3.3_amd64.deb 04fa8fe721f11328325f88e084d673acddaeac9f0d8ce3fd1c30fde3eb16f142 1032 libgd-dev-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb 8203c72b28dae2865a63ca99528d0be616923a3faf268f50d76776c93d7a70b3 247628 libgd-dev_2.2.1-1ubuntu3.3_amd64.deb da90b94dd2e02088133373560430217b758ebc3ec539239186792c3d7632aefd 1040 libgd-tools-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb da4699591ead61443e9db386f1150d8b6e51565b8b0537d2b0e9c8affa4a5c3a 18016 libgd-tools_2.2.1-1ubuntu3.3_amd64.deb 47f69bec8586178c2c5a10bebf29ca381dfa3d48c111db1024b6a449480a86b9 1026 libgd3-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb 6418e30853d3da5fea9fcdaade2ac862c4c9bd41612e67c6cc9b4d0036c3bdb6 119718 libgd3_2.2.1-1ubuntu3.3_amd64.deb Files: 76d1eaf1a29de97a042b9b81bac92398 299468 debug extra libgd-dbg_2.2.1-1ubuntu3.3_amd64.deb 811f7af77334cbf1fc7b584ebb8782f8 1032 libdevel extra libgd-dev-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb ea9a064268328bba4dd37890d6a42656 247628 libdevel optional libgd-dev_2.2.1-1ubuntu3.3_amd64.deb a57d8bec710b0c8c83e14464d7b829d5 1040 graphics extra libgd-tools-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb 50d293ddac0e2af213c267af4306f665 18016 graphics optional libgd-tools_2.2.1-1ubuntu3.3_amd64.deb 968e3829c7b4d90be77e227dbe8aa6ad 1026 libs extra libgd3-dbgsym_2.2.1-1ubuntu3.3_amd64.ddeb 7db9d6cce6245e2bb2352a2022654ba9 119718 libs optional libgd3_2.2.1-1ubuntu3.3_amd64.deb Original-Maintainer: GD team