Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 28 million developers.Sign up
LibGD team is proud to announce the 2.2.4 release of libgd.
Security related fixes:
This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs:
- gdImageCreate() doesn't check for oversized images and as such is
prone to DoS vulnerabilities. (CVE-2016-9317)
- double-free in gdImageWebPtr() (CVE-2016-6912)
- potential unsigned underflow in gd_interpolation.c
- DOS vulnerability in gdImageCreateFromGd2Ctx()
- Signed Integer Overflow gd_io.c
For full list of changes, see CHANGELOG.md.
This is a recommended update.
Check out the full commits list since the previous release.