diff options
author | adam <adam> | 2016-08-02 18:29:21 +0000 |
---|---|---|
committer | adam <adam> | 2016-08-02 18:29:21 +0000 |
commit | 887fe0e170291c3622e6ee2bd59ed8c7a8aae455 (patch) | |
tree | b10f34f074af5491125c7e85ae56496fb8031706 /graphics/gd/options.mk | |
parent | aef7b9f0972260aae23baa0abb038fe28dd7b07e (diff) | |
download | pkgsrc-887fe0e170291c3622e6ee2bd59ed8c7a8aae455.tar.gz |
We welcome the 2.2.3 release around a month after 2.2.2 (we are getting consistent). Another important milestone in the GD 2.2 series.
Security related fixes: This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs:
* fix php bug 72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766)
* bug 247, A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132)
* also bug 247, Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214)
* bug 248, fix Out-Of-Bounds Read in read_image_tga
Using application provided parameters, in these cases invalid data causes the issues:
* Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207)
* fix php bug 72494, invalid color index not handled, can lead to crash ( CVE-2016-6128)
* improve color check for CropThreshold
Important update:
* gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php's bundled gd.
Diffstat (limited to 'graphics/gd/options.mk')
-rw-r--r-- | graphics/gd/options.mk | 12 |
1 files changed, 2 insertions, 10 deletions
diff --git a/graphics/gd/options.mk b/graphics/gd/options.mk index 063b162b2b8..df703e21f23 100644 --- a/graphics/gd/options.mk +++ b/graphics/gd/options.mk @@ -1,8 +1,7 @@ -# $NetBSD: options.mk,v 1.4 2015/07/04 16:18:35 joerg Exp $ +# $NetBSD: options.mk,v 1.5 2016/08/02 18:29:21 adam Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.gd -PKG_SUPPORTED_OPTIONS= libvpx x11 -PKG_SUGGESTED_OPTIONS= libvpx +PKG_SUPPORTED_OPTIONS= x11 .include "../../mk/bsd.options.mk" @@ -13,10 +12,3 @@ CONFIGURE_ARGS+= --with-xpm=${BUILDLINK_PREFIX.libXpm} .else CONFIGURE_ARGS+= --without-xpm .endif - -.if !empty(PKG_OPTIONS:Mlibvpx) -.include "../../multimedia/libvpx/buildlink3.mk" -CONFIGURE_ARGS+= --with-vpx=${BUILDLINK_PREFIX.libvpx} -.else -CONFIGURE_ARGS+= --without-vpx -.endif |