Libgd Versions Save

GD Graphics Library

gd-2.3.3

2 years ago

The LibGD team is proud to announce the 2.3.3 release of libgd. This release brings a few fixes as well as improved compilations and builds on all platforms. On Windows, vcpkg to install libGd dependencies is now well supported.

Fixed

  • #759 update cmake to generate config.h in the build dir
  • #756 2.3.3 release
  • #750 gdPutBuf return value check
  • #729 HEIF builds fail with latest distros
  • #678 segfault in heif tests due to missing label.heic
  • #677 Test failure avif/compare_avif_to_png with libavif-0.8.2
  • #661 imagecopyresampled() produce artifacts on transparent PNG
  • #611 Fixes to build v2.3.0 on Windows with MinGW-w64
  • #415 optimize option in gif animation causes segfault
  • #331 _gdContributionsCalc() always uses DEFAULT_BOX_RADIUS
  • #320 gdImageRotateInterpolated() converts the source image to truecolor
  • #249 CMake and Makefiles build broken on Windows
  • #93 gdImageScaleTwoPass() looses top row and left column

gd-2.3.2

3 years ago

The LibGD team is proud to announce the 2.3.2 release of libgd.

Fixed

  • gif: allow decodin when both Global and Local Colormaps (#494)

Added

  • avif: Support for AVIF images via libavif (#557)
  • heif: Support for HEIF/AVIF images via libheif (#395) (#557)
  • webp: Drop ../deps/ search when building with cmake
  • Windows: Remove unused snprintf fallback

For full list of changes, see CHANGELOG.md.

Check out the full commits list since the previous release.

gd-2.3.1

3 years ago

The LibGD team is proud to announce the 2.3.1 release of libgd.

Fixed

  • Fix potential integer overflow detected by oss-fuzz
  • Fix #615 using libraqm
  • Fix #303: gdlib.pc: use Requires instead of Libs (#537)
  • Fixed #472: Adjusting CMakeLists.txt (#582)
  • Fix #615: gdImageStringFT() fails for empty strings as of libgd 2.3.0 (#633)
  • Fix typo but preserve BC

For full list of changes, see CHANGELOG.md.

This is a recommended update.

Check out the full commits list since the previous release.

gd-2.3.0

4 years ago

The LibGD team is proud to announce the 2.3.0 release of libgd.

Security related fixes:

  • Potential double-free in gdImage*Ptr(). (CVE-2019-6978)
  • gdImageColorMatch() out of bounds write on heap. (CVE-2019-6977)
  • Uninitialized read in gdImageCreateFromXbm(). (CVE-2019-11038)
  • Double-free in gdImageBmp. (CVE-2018-1000222)
  • Potential NULL pointer dereference in gdImageClone(). (CVE-2018-14553)
  • Potential infinite loop in gdImageCreateFromGifCtx(). (CVE-2018-5711)

For full list of changes, see CHANGELOG.md.

This is a recommended update.

Check out the full commits list since the previous release.

gd-2.2.5

6 years ago

The LibGD team is proud to announce the 2.2.5 release of libgd.

Security related fixes:

  • Double-free in gdImagePngPtr(). (CVE-2017-6362)
  • Buffer over-read into uninitialized memory. (CVE-2017-7890)

For full list of changes, see CHANGELOG.md.

This is a recommended update.

Check out the full commits list since the previous release.

gd-2.2.4

7 years ago

LibGD team is proud to announce the 2.2.4 release of libgd.

Security related fixes: This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs:

  • gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317)
  • double-free in gdImageWebPtr() (CVE-2016-6912)
  • potential unsigned underflow in gd_interpolation.c
  • DOS vulnerability in gdImageCreateFromGd2Ctx()
  • Signed Integer Overflow gd_io.c

For full list of changes, see CHANGELOG.md.

This is a recommended update.

Check out the full commits list since the previous release.

gd-2.2.3

7 years ago

We welcome the 2.2.3 release around a month after 2.2.2 (we are getting consistent). Another important milestone in the GD 2.2 series.

Security related fixes: This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs:

  • fix php bug 72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766)
  • bug #248, fix Out-Of-Bounds Read in read_image_tga
  • gd: Buffer over-read issue when parsing crafted TGA file (CVE-2016-6132)

Using application provided parameters, in these cases invalid data causes the issues:

  • Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207)
  • fix php bug 72494, invalid color index not handled, can lead to crash ( CVE-2016-6128)
  • improve color check for CropThreshold

Important update

  • gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php's bundled gd.

Numerous other fixes have been applied. The scale and rotation functions have been greatly improved as well.

This is a recommended update.

On a sidenote, we have now a gitter channel if you have any questions or like to discuss with us, in addition to our "#libgd" freenode channel: Chat

Issues fixed in this release: https://github.com/libgd/libgd/issues?q=is%3Aissue+milestone%3AGD-2.2.3+is%3Aclosed

You can download the 2.2.3 version of GD Graphics Library from here or using tag:

https://github.com/libgd/libgd/releases/tag/gd-2.2.3

Full commits list since 2.2.2 https://github.com/libgd/libgd/compare/gd-2.2.2...gd-2.2.3

gd-2.2.2

7 years ago

Exactly a month after 2.2.1 we welcome the 2.2.2 release. An important milestone in the GD 2.2 series.

Security related fixes:

  • Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (CVE-2016-5767)
  • #215 Stack overflow with gdImageFillToBorder (CVE-2015-8874)
  • NULL Pointer Dereference at _gdScaleVert

We also like to mention to consider the GD and GD2 image formats only for development or testing purposes. We do plan to deprecate it in GD 2.3 and remove it in GD 3.0. Its existence is not justified anymore as other formats provide lossless storage for both palette and truecolor images in a much more efficient way.

Numerous other fixes have been applied. The scale and rotation functions have been greatly improved as well.

This is a recommended update.

Issues fixed in this release: https://github.com/libgd/libgd/issues?q=milestone%3A%22GD+2.2.2%22+is%3Aclosed

You can download the 2.2.2 version of GD Graphics Library from here or using tag:

https://github.com/libgd/libgd/releases/tag/gd-2.2.2

Full commits list since 2.2.1 https://github.com/libgd/libgd/compare/gd-2.2.1...gd-2.2.2

gd-2.2.1

7 years ago

security hotfix!

gd-2.2.0

7 years ago

Mostly bugfixes including some security issues.