OpenPorts.se | The OpenBSD package collection

./graphics/gd [library for dynamic creation of images]

[+] Add this package to your ports tracker

[

CVSweb ] [

Homepage ] [

RSS feed ]

Version: 2.3.2, Package name: gd-2.3.2

Maintained by: The OpenBSD ports mailing-list

Master sites:

https://github.com/libgd/libgd/releases/download/gd-2.3.2/ (Download)

Description
GD is an open source code library for the dynamic creation of images by
programmers.

GD is written in C, and "wrappers" are available for Perl, PHP and other
languages. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other
formats. GD is commonly used to generate charts, graphics, thumbnails,
and most anything else, on the fly. While not restricted to use on the
web, the most common applications of GD involve website development.

Filesize: 3498.358 KB

Version History (View Complete History)

(2021-04-01) Updated to version: gd-2.3.2
(2021-01-31) Updated to version: gd-2.3.1
(2020-06-30) Updated to version: gd-2.3.0
(2017-09-01) Updated to version: gd-2.2.5
(2017-05-16) Updated to version: gd-2.2.4
(2015-11-14) Updated to version: gd-2.1.1
(2014-03-18) Updated to version: gd-2.1.0
(2010-01-04) Updated to version: gd-2.0.35p0
(2007-07-02) Updated to version: gd-2.0.35
(2007-06-01) Updated to version: gd-2.0.34p1

[show/hide] View available PLISTS (Can be a lot of data)

CVS Commit History:

2021-03-31 14:07:57 by Stuart Henderson | Files touched by this commit (3)

Log message:
update to libgd-2.3.2

2021-01-31 07:19:38 by Stuart Henderson | Files touched by this commit (3)

Log message:
update to gd-2.3.1

2020-10-08 14:17:19 by Stuart Henderson | Files touched by this commit (1)

Log message:
graphics/gd: switch to cmake build, from Brad, been through bulk on i386

2020-10-08 14:16:56 by Stuart Henderson | Files touched by this commit (2)

Log message:
graphics/gd: switch to cmake build, from Brad, been through bulk on i386

2020-06-29 18:05:49 by Stuart Henderson | Files touched by this commit (3)

Log message:
update to libgd-2.3.0, includes some security-related and other fixes,
Potential double-free in gdImage*Ptr(). (CVE-2019-6978)
gdImageColorMatch() out of bounds write on heap. (CVE-2019-6977)
Uninitialized read in gdImageCreateFromXbm(). (CVE-2019-11038)
Double-free in gdImageBmp. (CVE-2018-1000222)
Potential NULL pointer dereference in gdImageClone(). (CVE-2018-14553)
Potential infinite loop in gdImageCreateFromGifCtx(). (CVE-2018-5711)
and see https://github.com/libgd/libgd/blob/gd-2.3.0/CHANGELOG.md
(if anyone is thinking of backporting, gdlib-config was removed,
p5-GD and cvsgraph updates will be needed)

2019-07-12 14:47:59 by Stuart Henderson | Files touched by this commit (874)

Log message:
replace simple PERMIT_PACKAGE_CDROM=Yes with PERMIT_PACKAGE=Yes

2018-10-24 08:28:14 by Stuart Henderson | Files touched by this commit (740)

Log message:
Add COMPILER lines to c++ ports which currently use the default. Adjust
some existing COMPILER lines with arch restrictions etc. In the usual
case this is now using "COMPILER = base-clang ports-gcc base-gcc" on
ports with c++ libraries in WANTLIB.
This is basically intended to be a noop on architectures using clang
as the system compiler, but help with other architectures where we
currently have many ports knocked out due to building with an unsuitable
compiler -
- some ports require c++11/newer so the GCC version in base that is used
on these archirtectures is too old.
- some ports have conflicts where an executable is built with one compiler
(e.g. gcc from base) but a library dependency is built with a different
one (e.g. gcc from ports), resulted in mixing incompatible libraries in the
same address space.
devel/gmp is intentionally skipped as it's on the path to building gcc -
the c++ library there is unused in ports (and not built by default upstream)
so intending to disable building gmpcxx in a future commit.

2018-06-24 06:22:51 by Antoine Jacoutot | Files touched by this commit (1)

Log message:
PORTROACH: ignore version gd-2.2.5.

2017-08-31 10:35:44 by Stuart Henderson | Files touched by this commit (2)

Log message:
update to libgd-2.2.5
### Security
- Double-free in gdImagePngPtr(). (CVE-2017-6362)
- Buffer over-read into uninitialized memory. (CVE-2017-7890)
### Fixed
- Fix #109: XBM reading fails with printed error
- Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable
- Fix #357: 2.2.4: Segfault in test suite
- Fix #386: gdImageGrayScale() may produce colors
- Fix #406: webpng -i removes the transparent color
- Fix Coverity #155475: Failure to restore alphaBlendingFlag
- Fix Coverity #155476: potential resource leak
- Fix several build issues and test failures
- Fix and reenable optimized support for reading 1 bps TIFFs

2017-07-26 16:45:35 by Stuart Henderson | Files touched by this commit (937)

Log message:
bump LIBCXX/LIBECXX/COMPILER_LIBCXX ports.

2017-07-16 13:19:06 by Marc Espie | Files touched by this commit (880)

Log message:
use COMPILER_LIBCXX where applicable

2017-05-15 13:54:22 by Rafael Sadowski | Files touched by this commit (6)

Log message:
update to gd-2.2.4
SECURITY fix for:
CVE-2016-9317,CVE-2016-6912,CVE-2016-10166,CVE-2016-10167,
CVE-2016-5767,CVE-2016-10168,CVE-2015-8874,CVE-2016-9933
Initial diff from me, diff to replace multimedia/libvpx with
graphics/libwebp from Brad Smith
ok sthen@, "looks okay" @landry

2017-04-10 05:46:23 by Stuart Henderson | Files touched by this commit (276)

Log message:
use LIBCXX

2016-09-13 09:29:02 by Christian Weisgerber | Files touched by this commit (24)

Log message:
replace libiconv module

2016-07-06 02:46:13 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Fix for CVE-2016-6161; from upstream

2016-07-06 02:46:01 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Fix for CVE-2016-6161; from upstream

2016-06-30 07:28:34 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Security fix for CVE-2016-6128 (libgd does not properly handle invalid color
index which could lead to a denial of service against applications using the
libgd library).

2016-06-30 07:27:42 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Security fix for CVE-2016-6128 (libgd does not properly handle invalid color
index which could lead to a denial of service against applications using the
libgd library).

2016-05-18 02:28:55 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
security fix for CVE-2016-3074

2016-05-09 00:29:18 by Antoine Jacoutot | Files touched by this commit (2)

Log message:
SECURITY: gd2: handle corrupt images better (CVE-2016-3074)
from Brad

2015-11-14 05:54:19 by Stuart Henderson | Files touched by this commit (1)

Log message:
ENOTENOUGHCOFFEE: actually bump gd's shared library minor like I intended to.

2015-11-14 05:45:46 by Stuart Henderson | Files touched by this commit (1)

Log message:
remove SEPARATE_BUILD that I added in previous commit, build is ok with it
but tests don't find a .h

2015-11-14 05:41:53 by Stuart Henderson | Files touched by this commit (4)

Log message:
update to gd-2.1.1, based on a diff from Rafael Sadowski

2015-08-17 13:52:40 by Stuart Henderson | Files touched by this commit (19)

Log message:
sync WANTLIB

2015-05-22 05:31:20 by Antoine Jacoutot | Files touched by this commit (296)

Log message:
"/usr/local/lib/pkgconfig/" is part of mtree(8).
Packages should not own this dir to prevent its deletion or a warning that it
cannot be removed because it's not empty at pkg_delete(1) time.

2015-04-18 03:16:36 by Stuart Henderson | Files touched by this commit (1)

Log message:
Allow gd to build with newer libvpx, from Brad.

2015-03-26 03:16:45 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Security fix for CVE-2014-9709, gd: buffer read overflow in gd_gif_in.c
php-gd was already fixed

2015-03-26 03:16:39 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Security fix for CVE-2014-9709, gd: buffer read overflow in gd_gif_in.c
php-gd was already fixed

2015-03-26 03:16:31 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
Security fix for CVE-2014-9709, gd: buffer read overflow in gd_gif_in.c
php-gd was already fixed

2010-11-17 01:05:18 by Marc Espie | Files touched by this commit (317)

Log message:
new depends

2010-10-24 15:21:02 by Antoine Jacoutot | Files touched by this commit (91)

Log message:
Remove USE_X11.

2010-09-27 13:54:28 by Christian Weisgerber | Files touched by this commit (1)

Log message:
* fix timestamps to prevent autotools cascade from triggering
* switch to REVISION and new LIB_DEPENDS/WANTLIB while here

2010-09-26 07:40:12 by Christian Weisgerber | Files touched by this commit (25)

Log message:
remove -Lxxx/.libs workarounds required with GNU libtool

2010-01-30 18:47:28 by William Yodlowsky | Files touched by this commit (2)

Log message:
MFC:
SECURITY FIX
Resolves CVE-2009-3546
ok jasper@

2010-01-04 08:05:49 by Jasper Lievisse Adriaanse | Files touched by this commit (2)

Log message:
SECURITY FIX for CVE-2009-3546
buffer overflow or buffer over-read attacks via a crafted GD file

2007-09-15 14:09:43 by Simon Bertrang | Files touched by this commit (142)

Log message:
remove surrounding quotes from COMMENT/BROKEN/PERMIT_*

2007-07-02 04:46:04 by Steven Mestdagh | Files touched by this commit (4)

Log message:
update to 2.0.35
ok simon@

2007-06-06 00:07:43 by Nikolay Sturm | Files touched by this commit (3)

Log message:
MFC:
roll in a distribution patch which fixes:
CVE-2007-2756 gdPngReadData function allows user-assisted attackers to
cause a denial of service
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756

2007-06-06 00:07:18 by Nikolay Sturm | Files touched by this commit (2)

Log message:
MFC:
roll in a distribution patch which fixes:
CVE-2007-2756 gdPngReadData function allows user-assisted attackers to
cause a denial of service
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756

2007-05-31 12:32:06 by Rui Reis | Files touched by this commit (2)

Log message:
roll in a distribution patch which fixes:
CVE-2007-2756 gdPngReadData function allows user-assisted attackers to cause a denial of service
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
ok naddy@

2007-04-08 09:31:01 by Nikolay Sturm | Files touched by this commit (3)

Log message:
fix WANTLIB after switch to xenocara

2007-04-05 10:20:19 by Marc Espie | Files touched by this commit (912)

Log message:
base64 checksums.

2007-02-18 09:14:43 by Nikolay Sturm | Files touched by this commit (3)

Log message:
MFC:
Security update to gd-2.0.34. (CVE-2007-0455)
This update fixes multiple security vulnerabilities.
More info:
http://www.libgd.org/ReleaseNote020034
http://secunia.com/advisories/23916/

2007-02-18 09:07:54 by Nikolay Sturm | Files touched by this commit (3)

Log message:
MFC:
Security update to gd-2.0.34. (CVE-2007-0455)
This update fixes multiple security vulnerabilities.
More info:
http://www.libgd.org/ReleaseNote020034
http://secunia.com/advisories/23916/

2007-02-17 09:30:11 by Bernd Ahlers | Files touched by this commit (5)

Log message:
Security update to gd-2.0.34. (CVE-2007-0455)
This update fixes multiple security vulnerabilities.
More info:
http://www.libgd.org/ReleaseNote020034
http://secunia.com/advisories/23916/
Tested in a bulk build by steven@. Thanks!
ok espie@

2006-08-02 04:10:35 by Marc Espie | Files touched by this commit (20)

Log message:
more new lib specs

2006-06-17 10:07:25 by Nikolay Sturm | Files touched by this commit (2)

Log message:
MFC:
Security fix for gd-2.0.33. (CVE-2006-2906)
Fixes an infinite loop error within the handling of GIF images.
Detailed information: http://secunia.com/advisories/20500/
Fix from Xavier Roche via Ubuntu via NetBSD

2006-06-15 16:18:25 by Bernd Ahlers | Files touched by this commit (2)

Log message:
Security fix for gd-2.0.33. (CVE-2006-2906)
Fixes an infinite loop error within the handling of GIF images.
Detailed information: http://secunia.com/advisories/20500/
Fix from Xavier Roche via Ubuntu via NetBSD
ok naddy@

2006-01-07 18:38:37 by Steven Mestdagh | Files touched by this commit (8)

Log message:
remove MODGNU_SHARED_LIBS, LIBname_ALIAS and related patches

2005-12-26 07:40:14 by Steven Mestdagh | Files touched by this commit (2)

Log message:
SHARED_LIBS

2005-10-23 23:02:41 by Federico G. Schwindt | Files touched by this commit (2)

Log message:
try again: remove ttf, X11, Xpm and pthreads dependencies.
use libtool, from bernd@.
sturm@ ok.

2005-10-16 10:48:14 by Federico G. Schwindt | Files touched by this commit (1)

Log message:
revert ttf removal until all the gd ports that depend on it are also
aware of this. report by sturm@. sorry about this.

2005-10-13 00:55:22 by Federico G. Schwindt | Files touched by this commit (1)

Log message:
remove ttf from dependencies; pointed out by patrick
(sidsrr at yahoo dot com).

2005-10-11 23:37:43 by Federico G. Schwindt | Files touched by this commit (10)

Log message:
update to gd 2.0.33; brings gif back between many other things.
reviewed by several ppl, many thanks.

2005-01-05 09:50:39 by Christian Weisgerber | Files touched by this commit (106)

Log message:
SIZE

2004-11-29 18:06:40 by Marc Espie | Files touched by this commit (60)

Log message:
WANTLIB markers

2004-09-14 18:50:12 by Marc Espie | Files touched by this commit (121)

Log message:
new plists

2003-12-15 14:42:44 by Christian Weisgerber | Files touched by this commit (507)

Log message:
remove WWW lines

2003-04-19 07:30:47 by Marc Espie | Files touched by this commit (18)

Log message:
move freetype1 includes in a separate subdirectory.

2002-12-29 13:08:47 by Federico G. Schwindt | Files touched by this commit (21)

Log message:
guess what? more NEED_VERSION rm.