Debian Package Tracker

From: Steffen Joeris <white@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libgd2 2.0.33-5.2etch1 (source i386)
Date: Wed, 23 Jul 2008 07:52:23 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 19 Jul 2008 13:27:49 +0200
Source: libgd2
Binary: libgd2-noxpm-dev libgd2-noxpm libgd2-xpm libgd2-xpm-dev libgd-tools
Architecture: source i386
Version: 2.0.33-5.2etch1
Distribution: stable-security
Urgency: high
Maintainer: Jonas Smedegaard <dr@jones.dk>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 libgd-tools - GD command line tools and example code
 libgd2-noxpm - GD Graphics Library version 2 (without XPM support)
 libgd2-noxpm-dev - GD Graphics Library version 2 (development version)
 libgd2-xpm - GD Graphics Library version 2
 libgd2-xpm-dev - GD Graphics Library version 2 (development version)
Changes: 
 libgd2 (2.0.33-5.2etch1) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix DoS via array index error in gd_gif_in.c caused by large color
     index values
     Fixes: CVE-2007-3476
   * Fix DoS via large start or end angle degree values, which causes a
     large CPU consumption
     Fixes: CVE-2007-3477
   * Fix several integer overflows in some gdImage* functions, which
     could lead to a DoS or arbitrary code execution
     Fixes: CVE-2007-3996
   * Fix several overflows in gd.c by adding sanity checks for certain
     values
   * Fix DoS via infinite loop in gd_png.c
     Fixes: CVE-2007-2445
Files: 
 026ab752f6c09db61257eadc2dc7495f 987 libs optional libgd2_2.0.33-5.2etch1.dsc
 bbcc9e441bb47f54eb6627a79aef95c8 299546 libs optional libgd2_2.0.33-5.2etch1.diff.gz
 a19b726c38ae5b760d12f002dc26386b 144040 graphics optional libgd-tools_2.0.33-5.2etch1_i386.deb
 837a0b4917dd5a9ea44894d1c86dac20 338582 libdevel optional libgd2-xpm-dev_2.0.33-5.2etch1_i386.deb
 e03aba661c8c802c405c1c5caaf7e2fc 335902 libdevel optional libgd2-noxpm-dev_2.0.33-5.2etch1_i386.deb
 1dcc174038ee43b0c3f896255c08da8b 199410 libs optional libgd2-xpm_2.0.33-5.2etch1_i386.deb
 9c41f2bcaf00e296a8f753bc89b042bf 196760 libs optional libgd2-noxpm_2.0.33-5.2etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkiERGoACgkQ62zWxYk/rQeC5wCeLhhojz9mYlYMdU4aMtD418q+
s7oAn1uLPACaC3x63i9A87yHX92epBEw
=kB87
-----END PGP SIGNATURE-----


Accepted:
libgd-tools_2.0.33-5.2etch1_i386.deb
  to pool/main/libg/libgd2/libgd-tools_2.0.33-5.2etch1_i386.deb
libgd2-noxpm-dev_2.0.33-5.2etch1_i386.deb
  to pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-5.2etch1_i386.deb
libgd2-noxpm_2.0.33-5.2etch1_i386.deb
  to pool/main/libg/libgd2/libgd2-noxpm_2.0.33-5.2etch1_i386.deb
libgd2-xpm-dev_2.0.33-5.2etch1_i386.deb
  to pool/main/libg/libgd2/libgd2-xpm-dev_2.0.33-5.2etch1_i386.deb
libgd2-xpm_2.0.33-5.2etch1_i386.deb
  to pool/main/libg/libgd2/libgd2-xpm_2.0.33-5.2etch1_i386.deb
libgd2_2.0.33-5.2etch1.diff.gz
  to pool/main/libg/libgd2/libgd2_2.0.33-5.2etch1.diff.gz
libgd2_2.0.33-5.2etch1.dsc
  to pool/main/libg/libgd2/libgd2_2.0.33-5.2etch1.dsc
News for package libgd2
