Skip to content

LibGD 2.2.4

Compare
Choose a tag to compare
@oerdnj oerdnj released this 18 Jan 11:09
· 1039 commits to master since this release
gd-2.2.4

LibGD team is proud to announce the 2.2.4 release of libgd.

Security related fixes:
This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs:

  • gdImageCreate() doesn't check for oversized images and as such is
    prone to DoS vulnerabilities. (CVE-2016-9317)
  • double-free in gdImageWebPtr() (CVE-2016-6912)
  • potential unsigned underflow in gd_interpolation.c
  • DOS vulnerability in gdImageCreateFromGd2Ctx()
  • Signed Integer Overflow gd_io.c

For full list of changes, see CHANGELOG.md.

This is a recommended update.

Check out the full commits list since the previous release.