Bug 229707

Summary: graphics/gd - upgrade and fix a potential DOS
Product: Ports & Packages Reporter: Mikhail Teterin <mi>
Component: Individual Port(s)Assignee: Torsten Zuehlsdorff <tz>
Status: Closed FIXED    
Severity: Affects Some People CC: tz
Priority: --- Keywords: easy, patch
Version: LatestFlags: bugzilla: maintainer-feedback? (dinoex)
tz: merge-quarterly+
Hardware: Any   
OS: Any   
Bug Depends on:    
Bug Blocks: 217222    
Attachments:
Description Flags
Upgrade graphics/gd to 2.2.5
none
Upgrade graphics/gd to 2.2.5 none

Description Mikhail Teterin freebsd_committer freebsd_triage 2018-07-11 19:53:21 UTC 
Created attachment 195060 [details]
Upgrade graphics/gd to 2.2.5

The patch upgrades the port from 2.2.4 to 2.2.5 and adds a patch fixing the problem uncovered by PHP-developers in handling of malformed GIF-files:

https://bugs.php.net/bug.php?id=75571
Comment 1 Mikhail Teterin freebsd_committer freebsd_triage 2018-07-11 20:00:41 UTC 
Created attachment 195061 [details]
Upgrade graphics/gd to 2.2.5

This version contains the TEST_TARGET -- all tests pass for me here...
Comment 2 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2018-07-26 10:34:33 UTC 
Since this seems to run into maintainer-timeout i just started a build-test for this patch including all its 80 dependencies.
Comment 3 commit-hook freebsd_committer freebsd_triage 2018-07-27 07:39:32 UTC 
A commit references this bug:

Author: tz
Date: Fri Jul 27 07:39:14 UTC 2018
New revision: 475415
URL: https://svnweb.freebsd.org/changeset/ports/475415

Log:
  graphics/gd: Update from 2.2.4 to 2.2.5

  This update fixes 2 security issues:
  - Double-free in gdImagePngPtr(). (CVE-2017-6362)
  - Buffer over-read into uninitialized memory. (CVE-2017-7890)

  Full Changelog:
  https://github.com/libgd/libgd/blob/gd-2.2.5/CHANGELOG.md

  PR:		229707
  Submitted by:	Mikhail Teterin <mi@FreeBSD.org>
  Approved by:	maintainer timeout (dinoex, 2 weeks)
  MFH:		2018Q3
  Security:	CVE-2017-6362
  Security:	CVE-2017-7890

Changes:
  head/graphics/gd/Makefile
  head/graphics/gd/distinfo
  head/graphics/gd/files/patch-gd_gif_in.c
  head/graphics/gd/pkg-plist
Comment 4 commit-hook freebsd_committer freebsd_triage 2018-07-27 12:35:25 UTC 
A commit references this bug:

Author: tz
Date: Fri Jul 27 12:35:22 UTC 2018
New revision: 475431
URL: https://svnweb.freebsd.org/changeset/ports/475431

Log:
  MFH: r475415

  graphics/gd: Update from 2.2.4 to 2.2.5

  This update fixes 2 security issues:
  - Double-free in gdImagePngPtr(). (CVE-2017-6362)
  - Buffer over-read into uninitialized memory. (CVE-2017-7890)

  Full Changelog:
  https://github.com/libgd/libgd/blob/gd-2.2.5/CHANGELOG.md

  PR:		229707
  Submitted by:	Mikhail Teterin <mi@FreeBSD.org>
  Approved by:	maintainer timeout (dinoex, 2 weeks)
  Security:	CVE-2017-6362
  Security:	CVE-2017-7890

  Approved by:	ports-secteam (miwi)

Changes:
_U  branches/2018Q3/
  branches/2018Q3/graphics/gd/Makefile
  branches/2018Q3/graphics/gd/distinfo
  branches/2018Q3/graphics/gd/files/patch-gd_gif_in.c
  branches/2018Q3/graphics/gd/pkg-plist
Comment 5 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2018-07-27 12:37:49 UTC 
Committed and MFH'd :)

Thanks!