Update CHNAGELOG.md
parent
1d679baadf
commit
5c7bfa8d3f
80
CHANGELOG.md
80
CHANGELOG.md
|
@ -4,7 +4,85 @@ All notable changes to this project will be documented in this file.
|
|||
The format is based on [Keep a Changelog](http://keepachangelog.com/)
|
||||
and this project adheres to [Semantic Versioning](http://semver.org/).
|
||||
|
||||
## [2.2.4] - 2017-01-XX
|
||||
## [2.3.0] - 2020-03-21
|
||||
|
||||
### Security
|
||||
|
||||
- Potential double-free in gdImage*Ptr(). (CVE-2019-6978)
|
||||
- gdImageColorMatch() out of bounds write on heap. (CVE-2019-6977)
|
||||
- Uninitialized read in gdImageCreateFromXbm(). (CVE-2019-11038)
|
||||
- Double-free in gdImageBmp. (CVE-2018-1000222)
|
||||
- Potential NULL pointer dereference in gdImageClone(). (CVE-2018-14553)
|
||||
- Potential infinite loop in gdImageCreateFromGifCtx(). (CVE-2018-5711)
|
||||
|
||||
### Fixed
|
||||
|
||||
* Fix #597: add codecov support
|
||||
|
||||
- Fix #596: gdTransformAffineCopy run error
|
||||
|
||||
- Fix #589: Install dependencies move to .travis.yml
|
||||
|
||||
- Fix #586: gdTransformAffineCopy() segfaults on palette images
|
||||
- Fix #585: gdTransformAffineCopy() changes interpolation method
|
||||
- Fix #584: gdImageSetInterpolationMethod(im, GD_DEFAULT) inconsistent
|
||||
- Fix #583: gdTransformAffineCopy() may use unitialized values
|
||||
- Fix #533: Remove cmake modules
|
||||
- Fix #539: Add RAQM support for cmake
|
||||
- Fix #499: gdImageGifAnimAddPtr: heap corruption with 2 identical images
|
||||
- Fix #486: gdImageCropAuto(…, GD_CROP_SIDES) crops left but not right
|
||||
- Fix #485: auto cropping has insufficient precision
|
||||
- Fix #479: Provide a suitable malloc function to liq
|
||||
- Fix #474: libtiff link returns 404 HTTP code
|
||||
- Fix #450: Failed to open 1 bit per pixel bitmap
|
||||
- Fix #440: new_width & new_height exception handling
|
||||
- Fix #432: gdImageCrop neglecting transparency
|
||||
- Fix #420: Potential infinite loop in gdImageCreateFromGifCtx
|
||||
- Fix #411: gd_gd.c format documentation appears to be incorrect
|
||||
- Fix #369: Fix new_a init error in gdImageConvolution()
|
||||
- Fix #351: gdImageFilledArc() doesn't properly draw pies
|
||||
- Fix #338: Fatal and normal libjpeg/libpng errors not distinguishable
|
||||
- Fix #169: Update var type to hold bigger w&h for ellipse
|
||||
- Fix #164: update doc files install directory in CMakeLists.txt
|
||||
- Correct some test depend errors
|
||||
- Update cmake min version to 3.7
|
||||
- Delete libimagequant source code download action in CMakeLists.txt
|
||||
- Improve msys support
|
||||
- Fix some logic error in CMakeLists.txt
|
||||
- Remove the following macro: HAVE_STDLIB_H, HAVE_STRING_H, HAVE_STDDEF_H, HAVE_LIMITS_H, HAVE_ERRNO_H, AC_C_CONST
|
||||
|
||||
### Added
|
||||
|
||||
- test cases for following API: gdImageCopyResized(), gdImageWebpEx(), gdImageCreateFromGd2PartPtr(), gdImageCloneMatch(), gdImageColorClosestHWB(), gdImageColorMatch(), gdImageStringUp(), gdImageStringUp16(), gdImageString(), gdImageString16(), gdImageCopyMergeGray(), gdImageCopyMerge()
|
||||
|
||||
## [2.2.5] - 2017-08-30
|
||||
|
||||
### Security
|
||||
- Double-free in gdImagePngPtr(). (CVE-2017-6362)
|
||||
- Buffer over-read into uninitialized memory. (CVE-2017-7890)
|
||||
|
||||
### Fixed
|
||||
- Fix #109: XBM reading fails with printed error
|
||||
- Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable
|
||||
- Fix #357: 2.2.4: Segfault in test suite
|
||||
- Fix #386: gdImageGrayScale() may produce colors
|
||||
- Fix #406: webpng -i removes the transparent color
|
||||
- Fix Coverity #155475: Failure to restore alphaBlendingFlag
|
||||
- Fix Coverity #155476: potential resource leak
|
||||
- Fix several build issues and test failures
|
||||
- Fix and reenable optimized support for reading 1 bps TIFFs
|
||||
|
||||
### Added
|
||||
- The native MSVC buildchain now supports libtiff and most executables
|
||||
|
||||
## [2.2.4] - 2017-01-18
|
||||
|
||||
### Security
|
||||
- gdImageCreate() doesn't check for oversized images and as such is
|
||||
prone to DoS vulnerabilities. (CVE-2016-9317)
|
||||
- double-free in gdImageWebPtr() (CVE-2016-6912)
|
||||
- potential unsigned underflow in gd_interpolation.c
|
||||
- DOS vulnerability in gdImageCreateFromGd2Ctx()
|
||||
|
||||
### Fixed
|
||||
- Fix #354: Signed Integer Overflow gd_io.c
|
||||
|
|
Loading…
Reference in New Issue