Name : gd

Product : Fedora 25

Version : 2.2.3

Release : 5.fc25

URL : http://libgd.github.io/

Summary : A graphics library for quick creation of PNG or JPEG images

Description :

The gd graphics library allows your code to quickly draw images

complete with lines, arcs, text, multiple colors, cut and paste from

other images, and flood fills, and to write out the result as a PNG or

JPEG file. This is particularly useful in Web applications, where PNG

and JPEG are two of the formats accepted for inline images by most

browsers. Note that gd is not a paint program.



-------------------------------------------------------------------------------

-

Update Information:



- Security fix for CVE-2016-8670 - Security fix for CVE-2016-6911 - Security

fix

for CVE-2016-7568 - For Fedora 26 disabled two tests - they are failing

because

of freetype 2.7 (https://github.com/libgd/libgd/issues/302,

https://github.com/libgd/libgd/issues/217)

-------------------------------------------------------------------------------

-

References:



[ 1 ] Bug #1380450 - CVE-2016-7568 gd, php: Integer overflow in

gdImageWebpCtx

https://bugzilla.redhat.com/show_bug.cgi?id=1380450

[ 2 ] Bug #1388787 - CVE-2016-6911 gd, php: Missing check for OOB read in

dynamicGetbuf()

https://bugzilla.redhat.com/show_bug.cgi?id=1388787

[ 3 ] Bug #1391068 - CVE-2016-8670 gd, php: Stack based buffer overflow in

dynamicGetbuf

https://bugzilla.redhat.com/show_bug.cgi?id=1391068

-------------------------------------------------------------------------------

-



-------------------------------------------------------------------------------

-

