-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 04 Sep 2007 20:28:46 +0200 Source: libgd2 Binary: libgd2-noxpm-dev libgd2-noxpm libgd2-xpm libgd2-xpm-dev libgd-tools Architecture: source amd64 Version: 2.0.35.dfsg-2 Distribution: unstable Urgency: medium Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org> Changed-By: Jonas Smedegaard <dr@jones.dk> Description: libgd-tools - GD command line tools and example code libgd2-noxpm - GD Graphics Library version 2 (without XPM support) libgd2-noxpm-dev - GD Graphics Library version 2 (development version) libgd2-xpm - GD Graphics Library version 2 libgd2-xpm-dev - GD Graphics Library version 2 (development version) Changes: libgd2 (2.0.35.dfsg-2) unstable; urgency=medium . * Add patch (using patchsystem-quilt.mk cdbs snippet) hand-picked from upstream CVS to fix various security-related issues: + _gdCreateFromFile() can crash if gdImageCreate fails + gdImageCreateFrom*Ptr() can crash if gdNewDynamicCtxEx() + gdImageRectangle draws 1x1 rectangles as 1x3 rectangles + Possible integer overflow in gdImageFill() + Optimization for single pixel line not in correct order + gdImageColorDeallocate can write outside buffer * Add XS-Vcs-Svn and XS-Vcs-Browser fields to debian/control. * Update cdbs tweaks: + Support non-dot-delimited repackaging tag in update-tarball. + update-tarball needs recent cdbs (only relevant for backports). * Cleanup duplicate build-dependencies in debian/rules. * Semi-auto-update debian/control: DEB_BUILD_OPTIONS=cdbs-autoupdate fakeroot debian/rules pre-build * Fix shlibs dependencies: Use DEB_UPSTREAM_VERSION (instead of custom version variables). * Set urgenvy=medium due to the security-related fixes. Files: c668a6a875877149ea2199a4fe176bb8 1082 graphics optional libgd2_2.0.35.dfsg-2.dsc 76e02f18745fc2ca4f27cc21d0608470 24330 graphics optional libgd2_2.0.35.dfsg-2.diff.gz 7d47265544bc4b7c93236643b3847f11 263832 graphics optional libgd-tools_2.0.35.dfsg-2_amd64.deb a7829f27b4ec07568d37ecc5d3b2c5f8 464898 libdevel optional libgd2-xpm-dev_2.0.35.dfsg-2_amd64.deb 61d824a6f219b3e0b36bea51ae972d98 462120 libdevel optional libgd2-noxpm-dev_2.0.35.dfsg-2_amd64.deb 3dfc3b583092e82c214fc8377203a72d 326142 libs optional libgd2-xpm_2.0.35.dfsg-2_amd64.deb 02fa1901c21a0a035c666af3348686da 323384 libs optional libgd2-noxpm_2.0.35.dfsg-2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG3cAQn7DbMsAkQLgRAtZxAKCIjkwfjqCKCTqDWzw3CvNXgPboMQCfSxCU 1OcQ1H6Zanw4f0zlCGM8Fck= =Ewpv -----END PGP SIGNATURE----- Accepted: libgd-tools_2.0.35.dfsg-2_amd64.deb to pool/main/libg/libgd2/libgd-tools_2.0.35.dfsg-2_amd64.deb libgd2-noxpm-dev_2.0.35.dfsg-2_amd64.deb to pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.35.dfsg-2_amd64.deb libgd2-noxpm_2.0.35.dfsg-2_amd64.deb to pool/main/libg/libgd2/libgd2-noxpm_2.0.35.dfsg-2_amd64.deb libgd2-xpm-dev_2.0.35.dfsg-2_amd64.deb to pool/main/libg/libgd2/libgd2-xpm-dev_2.0.35.dfsg-2_amd64.deb libgd2-xpm_2.0.35.dfsg-2_amd64.deb to pool/main/libg/libgd2/libgd2-xpm_2.0.35.dfsg-2_amd64.deb libgd2_2.0.35.dfsg-2.diff.gz to pool/main/libg/libgd2/libgd2_2.0.35.dfsg-2.diff.gz libgd2_2.0.35.dfsg-2.dsc to pool/main/libg/libgd2/libgd2_2.0.35.dfsg-2.dsc