Register | Log in

libgd2

Choose email to subscribe with

general

source: libgd2 (main)
version: 2.3.0-2
maintainer: GD Team (DMD)
uploaders: Ondřej Surý [DMD]
arch: any
std-ver: 3.9.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.1.0-5+deb8u11
o-o-sec: 2.1.0-5+deb8u14
oldstable: 2.2.4-2+deb9u5
old-sec: 2.2.4-2+deb9u4
stable: 2.2.5-5.2
testing: 2.3.0-2
unstable: 2.3.0-2

versioned links

2.1.0-5+deb8u11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-5+deb8u14: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4-2+deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4-2+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.5-5.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.3.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libgd-dev (1 bugs: 0, 1, 0, 0)
libgd-tools
libgd3

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:08:03
Last run: 2020-07-23 14:53:14 UTC
Previous status: fail

testing: fail (log)
The tests ran in 0:08:05
Last run: 2020-08-01 02:00:41 UTC
Previous status: fail

stable: fail (log)
The tests ran in 0:06:05
Last run: 2020-07-26 07:16:35 UTC
Previous status: fail

Created: 2019-01-17 Last update: 2020-08-04 23:37

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 3.9.3).

Created: 2014-08-04 Last update: 2020-05-07 01:08

2 ignored security issues in buster low

There are 2 open security issues in buster.

2 issues skipped by the security teams:

CVE-2018-14553: gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
CVE-2017-6363: ** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'"

Please fix them.

Created: 2020-02-13 Last update: 2020-07-06 05:01

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-14553: gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
CVE-2017-6363: ** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'"

Please fix them.

Created: 2020-02-13 Last update: 2020-07-06 05:01

news

[2020-05-19] libgd2 2.3.0-2 MIGRATED to testing (Debian testing watch)
[2020-05-06] Accepted libgd2 2.3.0-2 (source) into unstable (Ondřej Surý)
[2020-04-24] Accepted libgd2 2.3.0-1 (source) into unstable (Ondřej Surý)
[2020-02-18] Accepted libgd2 2.1.0-5+deb8u14 (source) into oldoldstable (Roberto C. Sanchez)
[2019-06-30] Accepted libgd2 2.2.4-2+deb9u5 (source amd64) into proposed-updates->stable-new, proposed-updates (Jonas Meurer)
[2019-06-15] libgd2 2.2.5-5.2 MIGRATED to testing (Debian testing watch)
[2019-06-12] Accepted libgd2 2.2.5-5.2 (source) into unstable (Jonas Meurer)
[2019-06-11] Accepted libgd2 2.1.0-5+deb8u13 (source amd64) into oldstable (Jonas Meurer)
[2019-02-12] libgd2 2.2.5-5.1 MIGRATED to testing (Debian testing watch)
[2019-02-09] Accepted libgd2 2.2.4-2+deb9u4 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2019-02-06] Accepted libgd2 2.2.5-5.1 (source) into unstable (Salvatore Bonaccorso)
[2019-02-04] Accepted libgd2 2.2.4-2+deb9u4 (source) into stable->embargoed, stable (Salvatore Bonaccorso)
[2019-01-30] Accepted libgd2 2.1.0-5+deb8u12 (source amd64) into oldstable (Thorsten Alteholz)
[2018-11-03] libgd2 2.2.5-5 MIGRATED to testing (Debian testing watch)
[2018-11-03] libgd2 2.2.5-5 MIGRATED to testing (Debian testing watch)
[2018-10-29] Accepted libgd2 2.2.5-5 (source) into unstable (Ondřej Surý)
[2018-10-20] Accepted libgd2 2.2.4-2+deb9u3 (source amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2018-10-16] libgd2 2.2.5-4.1 MIGRATED to testing (Debian testing watch)
[2018-10-16] libgd2 2.2.5-4.1 MIGRATED to testing (Debian testing watch)
[2018-10-10] Accepted libgd2 2.2.5-4.1 (source) into unstable (Salvatore Bonaccorso)
[2018-01-19] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u11 (source amd64) into oldoldstable (Chris Lamb)
[2017-10-29] libgd2 2.2.5-4 MIGRATED to testing (Debian testing watch)
[2017-10-22] Accepted libgd2 2.2.5-4 (source) into unstable (Ondřej Surý)
[2017-09-22] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u10 (source amd64) into oldoldstable (Emilio Pozuelo Monfort)
[2017-09-21] libgd2 2.2.5-3 MIGRATED to testing (Debian testing watch)
[2017-09-18] Accepted libgd2 2.2.5-3 (source) into unstable (Ondřej Surý)
[2017-09-08] Accepted libgd2 2.1.0-5+deb8u11 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2017-09-07] Accepted libgd2 2.2.4-2+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-09-04] Accepted libgd2 2.2.5-2 (source) into unstable (Ondřej Surý)
[2017-08-30] Accepted libgd2 2.2.5-1 (source amd64) into unstable (Ondřej Surý)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 3
M&W: 1
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.3.0-2
8 bugs (1 patch)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing