Subject: CVS commit: pkgsrc/graphics/gd
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 06/14/2006 21:42:33
Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Jun 14 21:42:33 UTC 2006

Modified Files:
	pkgsrc/graphics/gd: Makefile distinfo
Added Files:
	pkgsrc/graphics/gd/patches: patch-ac

Log Message:
Security fix for CVE-2006-2906:

"The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas
 Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote
 attackers to cause a denial of service (CPU consumption) via malformed
 GIF data that causes an infinite loop."

Patch from Xavier Roche via Ubuntu.


To generate a diff of this commit:
cvs rdiff -r1.69 -r1.70 pkgsrc/graphics/gd/Makefile
cvs rdiff -r1.22 -r1.23 pkgsrc/graphics/gd/distinfo
cvs rdiff -r0 -r1.3 pkgsrc/graphics/gd/patches/patch-ac

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.