The LibGD team is proud to announce the 2.3.0 release of libgd.
Security related fixes:
- Potential double-free in gdImage*Ptr(). (CVE-2019-6978)
- gdImageColorMatch() out of bounds write on heap. (CVE-2019-6977)
- Uninitialized read in gdImageCreateFromXbm(). (CVE-2019-11038)
- Double-free in gdImageBmp. (CVE-2018-1000222)
- Potential NULL pointer dereference in gdImageClone(). (CVE-2018-14553)
- Potential infinite loop in gdImageCreateFromGifCtx(). (CVE-2018-5711)
For full list of changes, see CHANGELOG.md.
This is a recommended update.
Check out the full commits list since the previous release.