Skip to content

Comments

gd: 2.0.35 -> 2.1.1#15323

Merged
joachifm merged 5 commits intoNixOS:masterfrom
joachifm:libgd
May 15, 2016
Merged

gd: 2.0.35 -> 2.1.1#15323
joachifm merged 5 commits intoNixOS:masterfrom
joachifm:libgd

Conversation

@joachifm
Copy link
Contributor

@joachifm joachifm commented May 9, 2016
edited
Loading

Things done
  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • OS X
    • Linux
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@mention-bot
Copy link

mention-bot commented May 9, 2016

By analyzing the blame information on this pull request, we identified @edolstra to be a potential reviewer

@joachifm
Copy link
Contributor Author

joachifm commented May 13, 2016

I have included a patch for CVE-2016-3074 from upstream.

joachifm added 2 commits May 14, 2016 07:15
@joachifm
gd: 2.0.35 -> 2.1.1
f8bdd79 
Upstream claims 2.1 is fully API compatible with 2.0

https://libgd.github.io/release-2.1.0.html
https://libgd.github.io/release-2.1.1.html

Also includes meta updates, adds pkg-config to the build environment,
for proper detection of dependencies, and adds optional support for tiff
and xpm image formats.
@joachifm
gd: apply patch for CVE-2016-3074 from upstream
220836d 
Source:
https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19.patch

The original patch contains binary data, however, which is not supported
by `patch`; we could use `git apply` here, of course, but it was simpler
to just copy-paste only the fix into a separate file and include it in
the repo.
@joachifm
Copy link
Contributor Author

joachifm commented May 14, 2016

I've successfully built all but one package (hhvm, too large for me to tackle) that directly depends on gd. Per the changelog, this should be safe, so barring objections, I'll merge this soon.

joachifm added 3 commits May 14, 2016 07:41
@joachifm
pstoedit: explicit dependency on jpeg
a371094 
Possibly jpeg used to be propagated from gd but is no longer after
f8bdd79.
@joachifm
mscgen: add libjpeg to build inputs
9428652 
Possibly jpeg used to be propagated from gd but is no longer after
f8bdd79.
@joachifm
mldonkey: add libjpeg to build inputs
2113b73 
Possibly jpeg used to be propagated from gd but is no longer after
f8bdd79.
@joachifm joachifm added the 8.has: package (update) This PR updates a package to a newer version label May 14, 2016
@joachifm joachifm merged commit 397b356 into NixOS:master May 15, 2016
@joachifm joachifm deleted the libgd branch May 16, 2016 08:35
This was referenced Feb 28, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

8.has: package (update) This PR updates a package to a newer version

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@joachifm @mention-bot