GD v2.2.4 Release Notes
Release Date: 2017-01-18 // over 7 years ago-
๐ Security
- gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317)
- ๐ double-free in gdImageWebPtr() (CVE-2016-6912)
- potential unsigned underflow in gd_interpolation.c
- DOS vulnerability in gdImageCreateFromGd2Ctx()
๐ Fixed
- ๐ Fix #354: Signed Integer Overflow gd_io.c
- ๐ Fix #340: System frozen
- ๐ Fix OOB reads of the TGA decompression buffer
- ๐ Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
- ๐ Fix potential unsigned underflow
- ๐ Fix double-free in gdImageWebPtr()
- ๐ Fix invalid read in gdImageCreateFromTiffPtr()
- ๐ Fix OOB reads of the TGA decompression buffer
- ๐ Fix #68: gif: buffer underflow reported by AddressSanitizer
- Avoid potentially dangerous signed to unsigned conversion
- ๐ Fix #304: test suite failure in gif/bug00006 [2.2.3]
- Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border
- ๐ Fix #330: Integer overflow in gdImageScaleBilinearPalette()
- ๐ Fix 321: Null pointer dereferences in gdImageRotateInterpolated
- ๐ Fix whitespace and add missing comment block
- ๐ Fix #319: gdImageRotateInterpolated can have wrong background color
- ๐ Fix color quantization documentation
- ๐ Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
- Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag
- Fix #300: gdImageClone() assigns res_y = res_x
- ๐ Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness()
- ๐ Replace GNU old-style field designators with C89 compatible initializers
- ๐ Fix #297: gdImageCrop() converts palette image to truecolor image
- ๐ Fix #290: TGA RLE decoding is broken
- ๐ Fix unnecessary non NULL checks
- ๐ Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files
- ๐ Fix #280: gdImageWebpEx()
quantization
parameter is a misnomer - Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx()
- ๐ Fix issue #276: Sometimes pixels are missing when storing images as BMPs
- ๐ Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts
- ๐ Fix copy&paste error in gdImageScaleBicubicFixed()
โ Added
- ๐ More documentation
- ๐ Documentation on GD and GD2 formats
- โ More tests