-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 18 Oct 2016 19:07:47 +0200 Source: libgd2 Binary: libgd-tools libgd2-xpm-dev libgd2-noxpm-dev libgd2-xpm libgd2-noxpm Architecture: source amd64 Version: 2.0.36~rc1~dfsg-6.1+deb7u6 Distribution: wheezy-security Urgency: high Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libgd-tools - GD command line tools and example code libgd2-noxpm - GD Graphics Library version 2 (without XPM support) libgd2-noxpm-dev - GD Graphics Library version 2 (development version) libgd2-xpm - GD Graphics Library version 2 libgd2-xpm-dev - GD Graphics Library version 2 (development version) Changes: libgd2 (2.0.36~rc1~dfsg-6.1+deb7u6) wheezy-security; urgency=high . * Non-maintainer upload by the Wheezy LTS Team. * CVE-2016-6911 invalid read in gdImageCreateFromTiffPtr() (most of the code is not present in the Wheezy version) * CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf Checksums-Sha1: 5e7306d644fa56d5e3c422dc38442592bb492e42 2551 libgd2_2.0.36~rc1~dfsg-6.1+deb7u6.dsc e93c43f3c2283c6fe09793ac06a4a106374e0cb3 761899 libgd2_2.0.36~rc1~dfsg.orig.tar.gz 0b925811dfa46e4b54661d2a3b9fa72f72adf9ec 31074 libgd2_2.0.36~rc1~dfsg-6.1+deb7u6.debian.tar.gz 8d80319743585436a06dd2542d42f819cbfaad2a 169970 libgd-tools_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb b25276a86b01a91d542c0b778c79f3e69c814854 374274 libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb 7016dee89c1416d84ad4acf4c8a0da655fc589ea 371652 libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb 8399c2317e52f40d591cacaf830dc5d159590a3a 233234 libgd2-xpm_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb f12f2201fafef85d36eafbc6228df5019f4f4a2b 230828 libgd2-noxpm_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb Checksums-Sha256: 0895065d0333108dee189117081dde3e1439694ceb185766bc74fa8e5c5c59ad 2551 libgd2_2.0.36~rc1~dfsg-6.1+deb7u6.dsc 919df21310ad4a8b6155df01411138110589cc6c50b1bc414dc62aebb0a7f41a 761899 libgd2_2.0.36~rc1~dfsg.orig.tar.gz 4c334a7735132dd098246ede795b5386ac95068c7233e6430a03737b510b0444 31074 libgd2_2.0.36~rc1~dfsg-6.1+deb7u6.debian.tar.gz 3d8e753b60e7a0fd2f4155c27778b0bdebc16dac41d36876b1c206945343e37b 169970 libgd-tools_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb 0845c99e6438e4382ac7ddf5eee5cac7694fbfa9424d21924f29e9e091c52627 374274 libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb fc09ded71ba1014c37979b8f3d4cc9ea6304f00fab7539d20323ed759d7eeb79 371652 libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb a949a1e113ed7e4ce4dd211256e2c08792e7b0732e05bb9ca7c9d58fc1cd7252 233234 libgd2-xpm_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb 6419cae5372caf61f425909134fce8791a1e3c2a6c366f2938c5fefba3183935 230828 libgd2-noxpm_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb Files: 41ea4b127778e98e82209ca195bd2f39 2551 graphics optional libgd2_2.0.36~rc1~dfsg-6.1+deb7u6.dsc 0f4d2fa45627af0e87fcb74f653b66dd 761899 graphics optional libgd2_2.0.36~rc1~dfsg.orig.tar.gz 76463b46ca2215e7d7ccde484bb32b26 31074 graphics optional libgd2_2.0.36~rc1~dfsg-6.1+deb7u6.debian.tar.gz cee74acf87afc7a6190d1eff36e70b8b 169970 graphics optional libgd-tools_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb 2ea674f85a314b960256a02ed51fb664 374274 libdevel optional libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb f9f166cba549942ed4c04ddac26d4ecd 371652 libdevel optional libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb f391a757610b3ce78be83ca1603f49ae 233234 libs optional libgd2-xpm_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb 71d88ed468451553f5c0e81349b87a93 230828 libs optional libgd2-noxpm_2.0.36~rc1~dfsg-6.1+deb7u6_amd64.deb -----BEGIN PGP SIGNATURE----- iQKQBAEBCgB6BQJYBmPfXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3ExxkZWJpYW5AYWx0ZWhvbHouZGUACgkQlvysDTh7WEcr 5Q/6A6cnNyT1DpJ2f1qhcWG1/dWE90BCrVp8o9KBIG86m34blaOrP0OfLOFbQhy6 QNm8b5u1iy7cIfZYff+CKU4jQVGXfsWwh5IcoIFkWI1cbZzoImMxR/XuW9eI2gDP kjXcfafBVv4WwSl5jQGFoVMxDbVPg+lspLHFaFGmLXMxxlFDlpBZttuIa1Ch9V39 DmdZa8EnoZ9gnT7hJouustL49RmMXF5Nl8Xrqy0+EyObpyG77AIqURJwF0/rS11f CvbQMCofoRMGN3qSOio0oVU2eRS+cjscM332OARxg0BRBjTLlMt026TWbtfKbU7h NcaCfhQNvrn500pkyiKzaQreucqaKEgKslqAOsBTMaCT8JWujQkX9+mj4+Chio+M jcH3ZNNqpNbt5tUekrPMG6WZITRmG16E0BMEnWFsguupJRQLHoZP6qYsX8H2rdSK qLMjk1zD1WEpGxZCyaZaz1xKmHkt3mWmakRJI+uIJTNU78WhfKCnbj83dxYaKwWk bgUGAeGsd2ofCB2dslKHYfN4Ks60n66egTAFTdLM7WhAkYIJMRl29LqZwXh3AGof XL7lUYv+bqBeUPKFy5F13ZH//U7jBkV83YKt5g5QXw9B498M0MpBJJb7q1cPdX0d r7Nqq+V3jZNa1inIvOdWPIdxpX0GH4/66PL9fAHwo8N/AAM= =/HYl -----END PGP SIGNATURE-----