Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted libgd2 2.3.0-2+deb11u1 (source) into oldoldstable-security
Date: Tue, 16 Dec 2025 07:10:22 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 15 Dec 2025 23:08:02 +0100
Source: libgd2
Architecture: source
Version: 2.3.0-2+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: GD Team <team+gd@tracker.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 991912
Changes:
 libgd2 (2.3.0-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2021-40145: double free in gdImageGd2Ptr().
   * Fix CVE-2021-38115: Out-of-bounds read via crafted TGA file. (Closes:
     #991912)
   * Fix CVE-2021-40812: Out-of-bounds read via crafted BMP or WebP files.
Checksums-Sha1:
 00bd78b4500e0f7489e115cd366fef2ef74027a0 2243 libgd2_2.3.0-2+deb11u1.dsc
 6f9e54998b6fb1ade64934ab5f98e255bc2ca81a 3102749 libgd2_2.3.0.orig.tar.gz
 984d844fceddb040cdf1e62eec0541169e2ca417 35004 libgd2_2.3.0-2+deb11u1.debian.tar.xz
 b8e9d2d3ed8b396ebc8ed36adf0472608710d7ff 7682 libgd2_2.3.0-2+deb11u1_source.buildinfo
Checksums-Sha256:
 9602d194fedcbaae6bedddca5f1508bac257034a1608dfb69c4fb97b07ad7253 2243 libgd2_2.3.0-2+deb11u1.dsc
 32590e361a1ea6c93915d2448ab0041792c11bae7b18ee812514fe08b2c6a342 3102749 libgd2_2.3.0.orig.tar.gz
 c4ab820b71cbd8b43f40aee9ae21f1ac2c0f2ab71c3ee3d56cfb85fb42ad5c44 35004 libgd2_2.3.0-2+deb11u1.debian.tar.xz
 778ca218e18e9daa1916a9370861575b3991c0377e5ad2ea0bc5a5280399c969 7682 libgd2_2.3.0-2+deb11u1_source.buildinfo
Files:
 edcf6f2fbc87b4bedfdf9326a671f378 2243 graphics optional libgd2_2.3.0-2+deb11u1.dsc
 ebd0f42dddfc0edbc949cf2d1c3697d5 3102749 graphics optional libgd2_2.3.0.orig.tar.gz
 03c077052d0854d88306ad4d426ce745 35004 graphics optional libgd2_2.3.0-2+deb11u1.debian.tar.xz
 c5dc3350de3254891861416dcab4eae1 7682 graphics optional libgd2_2.3.0-2+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmlAjqMACgkQ05pJnDwh
pVJ13w/9G9749KRMkLG+LYdojBEoDSRkQgXvfH9cVpgDBXQpZ7HrgoH52231gK7i
kI1VRxw0lCGSK1mMGogEEzt+pW4ckEroKpScch0uTRkhV92oLz/Ico3VYHIzcDa9
/U0wZaKgvDSr2NrDRB4pdsvVabDV19KfeEjOUGmDwVRG/bVDotcEoK820b9iX5Wt
ydUo7z66n8DosfNgO2W1xh+d6+GELqajf24cN6/G+0ogMdHHPwWJ99fkYTw32pP2
sS48attFy80/b8YCjFCthsIB8X2bpSNFguXCiYjOFHJQY6Qk5mmQcb+k3jsP3RXx
B2vrG3F6Diinn2eHkl80mdy0qwXWZ2zL+XAoPh2H4kvPa8sKHJWOdKOf2mWcLVk+
LT1LbJkIqCc/OUIW0024h5Rlp+cGBaRtALs+Q7hTOv6Vt9NhHNRZdIZ+Cb4vPFdz
oc2GIlq52pTaQ+9yuCobU8GEnVyVp5TjUu4h6ywzfTdw3J/A62mqPGma0EPay891
HGFdccCpf/xXWYtSmpVNVqUOfdV92xXNeSR2pH4UnoMEOZXndREUThcTmV+qAoXw
fDawykdCtsY7I3H4y+Rfw3nn314wjk+5bvpSBXQV1NC2Fix5tbnaMiyELYRZ92lU
RHxVg96bArjBhSGC6rko4yZ28bHRasG2c90UvOdfcd7tJConv8o=
=wSQS
-----END PGP SIGNATURE-----

News for package libgd2