gd (SSA:2007-178-01)
Posted on: 06/27/2007 04:15 PM

GD is an open source code library for the dynamic creation of images.

New gd packages are available for Slackware 11.0, and -current to fix possible security issues.

Please see: http://www.libgd.org/ReleaseNote020035
for complete release notes. "Upgrading is strongly recommended."

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
patches/packages/gd-2.0.35-i486-1_slack11.0.tgz:
Upgraded to gd-2.0.35.
This fixes a few possible security issues:
* Possible infinite loop in the PNG reader
* Possible integer overflow in gdImageCreateTrueColor
* Possible crash in gdImageCreateXbm
* Numerous flaws in the GIF reader
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/gd-2.0.35-i486-1.tgz


MD5 signatures:
+-------------+

Slackware 11.0 package:
d29e978cd31d64d6d8bb4db0c48822de gd-2.0.35-i486-1_slack11.0.tgz

Slackware -current package:
2a2d38f9b985bb01a1d558a082d28131 gd-2.0.35-i486-1.tgz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg gd-2.0.35-i486-1_slack11.0.tgz


+-----+

Slackware Linux Security Team


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/gd_ssa2007_178_01.html)