diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2020-03-26 14:24:43 +0100 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2020-03-26 22:35:35 +0100 |
| commit | 736d772b82bfd693cd9412e2857e029fa6309269 (patch) | |
| tree | 0935a47c181dbeda2f59502c0e63664e30ab450a /gnu/packages/patches/gd-CVE-2018-5711.patch | |
| parent | 8595c7b0bc84b354321ec8f6ccca54322f277eb6 (diff) | |
| download | guix-736d772b82bfd693cd9412e2857e029fa6309269.tar.gz | |
gnu: gd: Update to 2.3.0.
* gnu/packages/patches/gd-fix-tests-on-i686.patch: Adjust context. * gnu/packages/patches/gd-CVE-2018-1000222.patch, gnu/packages/patches/gd-CVE-2018-5711.patch, gnu/packages/patches/gd-CVE-2019-6977.patch, gnu/packages/patches/gd-CVE-2019-6978.patch, gnu/packages/patches/gd-freetype-test-failure.patch: Delete files. * gnu/packages/patches/gd-brect-bounds.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly * gnu/packages/gd.scm (gd): Update to 2.3.0. [source](patches): Remove obsolete. * gnu/packages/gd.scm (gd): [propagated-inputs]: Move LIBJPEG-TURBO and FONTCONFIG ... [inputs]: ... here.
Diffstat (limited to 'gnu/packages/patches/gd-CVE-2018-5711.patch')
| -rw-r--r-- | gnu/packages/patches/gd-CVE-2018-5711.patch | 61 |
1 files changed, 0 insertions, 61 deletions
diff --git a/gnu/packages/patches/gd-CVE-2018-5711.patch b/gnu/packages/patches/gd-CVE-2018-5711.patch deleted file mode 100644 index 83b12cde63..0000000000 --- a/gnu/packages/patches/gd-CVE-2018-5711.patch +++ /dev/null @@ -1,61 +0,0 @@ -This patch is adapted from commit a11f47475e6443b7f32d21f2271f28f417e2ac04 and -fixes CVE-2018-5711. - -From a11f47475e6443b7f32d21f2271f28f417e2ac04 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Wed, 29 Nov 2017 19:37:38 +0100 -Subject: [PATCH] Fix #420: Potential infinite loop in gdImageCreateFromGifCtx - -Due to a signedness confusion in `GetCode_` a corrupt GIF file can -trigger an infinite loop. Furthermore we make sure that a GIF without -any palette entries is treated as invalid *after* open palette entries -have been removed. - -CVE-2018-5711 - -See also https://bugs.php.net/bug.php?id=75571. ---- - src/gd_gif_in.c | 12 ++++++------ - 1 file changed, 38 insertions(+), 6 deletions(-) - -diff --git a/src/gd_gif_in.c b/src/gd_gif_in.c -index daf26e7..0a8bd71 100644 ---- a/src/gd_gif_in.c -+++ b/src/gd_gif_in.c -@@ -335,11 +335,6 @@ terminated: - return 0; - } - -- if(!im->colorsTotal) { -- gdImageDestroy(im); -- return 0; -- } -- - /* Check for open colors at the end, so - * we can reduce colorsTotal and ultimately - * BitsPerPixel */ -@@ -351,6 +346,11 @@ terminated: - } - } - -+ if(!im->colorsTotal) { -+ gdImageDestroy(im); -+ return 0; -+ } -+ - return im; - } - -@@ -447,7 +447,7 @@ static int - GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroDataBlockP) - { - int i, j, ret; -- unsigned char count; -+ int count; - - if(flag) { - scd->curbit = 0; - --- -2.13.6 - |