From 0a6d05fccddbd410c0f26fb5cb6b397088aa5091 Mon Sep 17 00:00:00 2001 From: Ivana Varekova Date: Mon, 29 Jan 2007 08:55:33 +0000 Subject: [PATCH] - Resolves: #224610 CVE-2007-0455 gd buffer overrun --- gd.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/gd.spec b/gd.spec index 9156f53..79b058a 100644 --- a/gd.spec +++ b/gd.spec @@ -1,7 +1,7 @@ Summary: A graphics library for quick creation of PNG or JPEG images Name: gd Version: 2.0.33 -Release: 11%{?dist} +Release: 12%{?dist} Group: System Environment/Libraries License: BSD-style URL: http://www.boutell.com/gd/ @@ -15,6 +15,7 @@ Patch5: gd-sparc64.patch Patch6: gd-2.0.33-overflow.patch Patch7: gd-2.0.33-AALineThick.patch Patch8: gd-2.0.33-BoxBound.patch +Patch9: gd-2.0.33-cve-07-0455.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: freetype-devel, fontconfig-devel, libX11-devel, libXpm-devel BuildRequires: libjpeg-devel, libpng-devel, zlib-devel, pkgconfig @@ -63,6 +64,7 @@ files for gd, a graphics library for creating PNG and JPEG graphics. %patch6 -p1 -b .overflow %patch7 -p1 -b .AALineThick %patch8 -p1 -b .bb +%patch9 -p1 -b .cve-07-0455 %build %configure --disable-rpath @@ -102,6 +104,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Mon Jan 29 2007 Ivana Varekova 2.0.33-12 +- Resolves: #224610 + CVE-2007-0455 gd buffer overrun + * Tue Nov 21 2006 Ivana Varekova 2.0.33-11 - Fix problem with to large box boundaries Resolves: #197747