Debian Package Tracker

general

source: libgd2 (source, oldlibs)
version: 2.2.4-2
maintainer: GD team (archive) [DMD]
uploaders: Ondřej Surý [DMD]
arch: any
std-ver: 3.9.3
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.0.36~rc1~dfsg-6.1+deb7u2
o-o-sec: 2.0.36~rc1~dfsg-6.1+deb7u9
oldstable: 2.1.0-5+deb8u9
old-sec: 2.1.0-5+deb8u10
old-p-u: 2.1.0-5+deb8u10
stable: 2.2.4-2
stable-sec: 2.2.4-2+deb9u1
stable-p-u: 2.2.4-2+deb9u1
testing: 2.2.4-2
unstable: 2.2.4-2

versioned links

2.0.36~rc1~dfsg-6.1+deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.36~rc1~dfsg-6.1+deb7u9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-5+deb8u9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-5+deb8u10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libgd-dev
libgd-tools
libgd3

action needed

Problems while searching for a new upstream version

high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch line
  https://bitbucket.org/libgd/gd-libgd/downloads/gd-([\.0-9].*).tar.xz debian

Created: 2017-08-12 Last update: 2017-08-23 01:26

1 security issue in sid

high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-7890: The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.

Please fix it.

Created: 2017-07-22 Last update: 2017-08-17 07:26

1 security issue in buster

high

There is 1 open security issue in buster.

1 important issue:

CVE-2017-7890: The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.

Please fix it.

Created: 2017-07-22 Last update: 2017-08-17 07:26

Standards version of the package is outdated.

high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.0.1 instead of 3.9.3).

Created: 2014-08-04 Last update: 2017-08-12 19:03

Fails to build during reproducibility testing

normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2017-07-24 Last update: 2017-08-23 01:37

1 bug tagged help in the BTS

normal

The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.

Created: 2016-05-08 Last update: 2017-08-23 01:10

lintian reports 7 warnings

normal

Lintian reports 7 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2015-03-07 Last update: 2016-11-08 01:03

news

[rss feed]

[2017-08-12] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u9 (source amd64) into oldoldstable (Thorsten Alteholz)
[2017-08-12] Accepted libgd2 2.1.0-5+deb8u10 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2017-08-12] Accepted libgd2 2.2.4-2+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-02-12] Accepted libgd2 2.1.0-5+deb8u9 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2017-01-29] libgd2 2.2.4-2 MIGRATED to testing (Debian testing watch)
[2017-01-29] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u8 (source amd64) into oldstable (Balint Reczey)
[2017-01-18] Accepted libgd2 2.2.4-2 (source) into unstable (Ondřej Surý)
[2017-01-18] Accepted libgd2 2.2.4-1 (source) into unstable (Ondřej Surý)
[2017-01-02] Accepted libgd2 2.1.0-5+deb8u8 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2016-12-22] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u7 (source amd64) into oldstable (Balint Reczey)
[2016-11-14] libgd2 2.2.3-87-gd0fec80-3 MIGRATED to testing (Debian testing watch)
[2016-11-07] Accepted libgd2 2.2.3-87-gd0fec80-3 (source) into unstable (Ondřej Surý)
[2016-11-06] Accepted libgd2 2.2.3-87-gd0fec80-2 (source) into unstable (Ondřej Surý)
[2016-10-31] Accepted libgd2 2.2.3-87-gd0fec80-1 (source) into unstable (Ondřej Surý)
[2016-10-18] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u6 (source amd64) into oldstable (Thorsten Alteholz)
[2016-10-16] Accepted libgd2 2.1.0-5+deb8u7 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2016-08-02] libgd2 2.2.3-3 MIGRATED to testing (Debian testing watch)
[2016-07-30] Accepted libgd2 2.1.0-5+deb8u6 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2016-07-30] Accepted libgd2 2.1.0-5+deb8u5 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2016-07-27] Accepted libgd2 2.2.3-3 (source) into unstable (Ondřej Surý)
[2016-07-27] Accepted libgd2 2.2.3-2 (source) into unstable (Ondřej Surý)
[2016-07-26] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u5 (source amd64) into oldstable (Thorsten Alteholz)
[2016-07-26] Accepted libgd2 2.2.3-1 (source) into unstable (Ondřej Surý)
[2016-07-25] Accepted libgd2 2.2.2-43-g22cba39-2 (source) into unstable (Ondřej Surý)
[2016-07-20] Accepted libgd2 2.2.2-43-g22cba39-1 (source) into unstable (Ondřej Surý)
[2016-07-16] Accepted libgd2 2.1.0-5+deb8u4 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2016-07-14] Accepted libgd2 2.2.2-29-g3c2b605-1 (source amd64) into unstable (Ondřej Surý)
[2016-06-29] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u4 (source i386) into oldstable (signed by: Thorsten Alteholz)
[2016-05-29] libgd2 2.2.1-1 MIGRATED to testing (Debian testing watch)
[2016-05-27] Accepted libgd2 2.1.0-5+deb8u3 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)

bugs [bug history graph]

all: 10
RC: 1
I&N: 7
M&W: 2
F&P: 0

links

homepage
lintian (0, 7)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.2.4-2ubuntu1
7 bugs (1 patch)
patches for 2.2.4-2ubuntu1