Debian Package Tracker

general

source: libgd2 (main)
version: 2.2.5-4.1
maintainer: GD team (archive) [DMD]
uploaders: Ondřej Surý [DMD]
arch: any
std-ver: 3.9.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.0.36~rc1~dfsg-6.1+deb7u2
o-o-sec: 2.0.36~rc1~dfsg-6.1+deb7u11
oldstable: 2.1.0-5+deb8u11
old-sec: 2.1.0-5+deb8u11
stable: 2.2.4-2+deb9u2
stable-sec: 2.2.4-2+deb9u2
testing: 2.2.5-4.1
unstable: 2.2.5-4.1

versioned links

2.0.36~rc1~dfsg-6.1+deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.36~rc1~dfsg-6.1+deb7u11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-5+deb8u11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4-2+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.5-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.5-4.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libgd-dev
libgd-tools
libgd3

action needed

Debci reports failed tests (log) high

Debci reports test failures (log).

The tests ran in 0h 6m 54s

Last run: 2018-10-13 04:16:00

Previous status: fail

Created: 2018-01-30 Last update: 2018-10-17 09:51

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: repository 'https://anonscm.debian.org/git/collab-maint/libgd2.git/' not found

Created: 2017-12-03 Last update: 2018-10-16 22:53

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 3.9.3).

Created: 2014-08-04 Last update: 2018-10-11 07:11

lintian reports 7 errors and 11 warnings high

Lintian reports 7 errors and 11 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2015-03-07 Last update: 2018-09-08 07:36

1 bug tagged help in the BTS normal

The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.

Created: 2017-08-29 Last update: 2018-10-17 09:01

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-09-07 Last update: 2018-10-17 08:03

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-1000222: Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.
CVE-2018-5711: gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

Please fix them.

Created: 2018-01-17 Last update: 2018-10-17 08:02

2 ignored security issues in jessie low

There are 2 open security issues in jessie.

2 issues skipped by the security teams:

CVE-2018-1000222: Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.
CVE-2018-5711: gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

Please fix them.

Created: 2018-01-17 Last update: 2018-10-17 08:02

news

[rss feed]

[2018-10-16] libgd2 2.2.5-4.1 MIGRATED to testing (Debian testing watch)
[2018-10-16] libgd2 2.2.5-4.1 MIGRATED to testing (Debian testing watch)
[2018-10-10] Accepted libgd2 2.2.5-4.1 (source) into unstable (Salvatore Bonaccorso)
[2018-01-19] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u11 (source amd64) into oldoldstable (Chris Lamb)
[2017-10-29] libgd2 2.2.5-4 MIGRATED to testing (Debian testing watch)
[2017-10-22] Accepted libgd2 2.2.5-4 (source) into unstable (Ondřej Surý)
[2017-09-22] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u10 (source amd64) into oldoldstable (Emilio Pozuelo Monfort)
[2017-09-21] libgd2 2.2.5-3 MIGRATED to testing (Debian testing watch)
[2017-09-18] Accepted libgd2 2.2.5-3 (source) into unstable (Ondřej Surý)
[2017-09-08] Accepted libgd2 2.1.0-5+deb8u11 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2017-09-07] Accepted libgd2 2.2.4-2+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-09-04] Accepted libgd2 2.2.5-2 (source) into unstable (Ondřej Surý)
[2017-08-30] Accepted libgd2 2.2.5-1 (source amd64) into unstable (Ondřej Surý)
[2017-08-12] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u9 (source amd64) into oldoldstable (Thorsten Alteholz)
[2017-08-12] Accepted libgd2 2.1.0-5+deb8u10 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2017-08-12] Accepted libgd2 2.2.4-2+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-02-12] Accepted libgd2 2.1.0-5+deb8u9 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2017-01-29] libgd2 2.2.4-2 MIGRATED to testing (Debian testing watch)
[2017-01-29] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u8 (source amd64) into oldstable (Balint Reczey)
[2017-01-18] Accepted libgd2 2.2.4-2 (source) into unstable (Ondřej Surý)
[2017-01-18] Accepted libgd2 2.2.4-1 (source) into unstable (Ondřej Surý)
[2017-01-02] Accepted libgd2 2.1.0-5+deb8u8 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2016-12-22] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u7 (source amd64) into oldstable (Balint Reczey)
[2016-11-14] libgd2 2.2.3-87-gd0fec80-3 MIGRATED to testing (Debian testing watch)
[2016-11-07] Accepted libgd2 2.2.3-87-gd0fec80-3 (source) into unstable (Ondřej Surý)
[2016-11-06] Accepted libgd2 2.2.3-87-gd0fec80-2 (source) into unstable (Ondřej Surý)
[2016-10-31] Accepted libgd2 2.2.3-87-gd0fec80-1 (source) into unstable (Ondřej Surý)
[2016-10-18] Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u6 (source amd64) into oldstable (Thorsten Alteholz)
[2016-10-16] Accepted libgd2 2.1.0-5+deb8u7 (source amd64) into proposed-updates->stable-new, proposed-updates (Ondřej Surý)
[2016-08-02] libgd2 2.2.3-3 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 11
RC: 2
I&N: 7
M&W: 2
F&P: 0
patch: 0
help: 1

links

homepage
lintian (7, 11)
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.2.5-4ubuntu1
6 bugs (1 patch)
patches for 2.2.5-4ubuntu1