Package init

2019-09-30 10:39:22 -04:00 · 2019-09-30 10:39:22 -04:00 · 3d2edb6ecf
commit 3d2edb6ecf
8 changed files with 543 additions and 0 deletions
--- a/CVE-2018-1000222.patch
+++ b/CVE-2018-1000222.patch
@ -0,0 +1,73 @@
+From ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Sat, 14 Jul 2018 13:54:08 -0400
+Subject: [PATCH] bmp: check return value in gdImageBmpPtr
+
+Closes #447.
+---
+ src/gd_bmp.c | 17 ++++++++++++++---
+ 1 file changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/src/gd_bmp.c b/src/gd_bmp.c
+index bde0b9d3..78f40d9a 100644
+--- a/src/gd_bmp.c
+++ b/src/gd_bmp.c
+@@ -47,6 +47,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp
+ static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header);
+ static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info);
+ 
+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression);
+
+ #define BMP_DEBUG(s)
+ 
+ static int gdBMPPutWord(gdIOCtx *out, int w)
+@@ -87,8 +89,10 @@ BGD_DECLARE(void *) gdImageBmpPtr(gdImagePtr im, int *size, int compression)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageBmpCtx(im, out, compression);
+-	rv = gdDPExtractData(out, size);
+	if (!_gdImageBmpCtx(im, out, compression))
+		rv = gdDPExtractData(out, size);
+	else
+		rv = NULL;
+ 	out->gd_free(out);
+ 	return rv;
+ }
+@@ -141,6 +145,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression)
+ 		compression - whether to apply RLE or not.
+ */
+ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
+{
+	_gdImageBmpCtx(im, out, compression);
+}
+
+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
+ {
+ 	int bitmap_size = 0, info_size, total_size, padding;
+ 	int i, row, xpos, pixel;
+@@ -148,6 +157,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
+ 	unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL;
+ 	FILE *tmpfile_for_compression = NULL;
+ 	gdIOCtxPtr out_original = NULL;
+	int ret = 1;
+ 
+ 	/* No compression if its true colour or we don't support seek */
+ 	if (im->trueColor) {
+@@ -325,6 +335,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
+ 		out_original = NULL;
+ 	}
+ 
+	ret = 0;
+ cleanup:
+ 	if (tmpfile_for_compression) {
+ #ifdef _WIN32
+@@ -338,7 +349,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
+ 	if (out_original) {
+ 		out_original->gd_free(out_original);
+ 	}
+-	return;
+	return ret;
+ }
+ 
+ static int compress_row(unsigned char *row, int length)
--- a/CVE-2019-11038.patch
+++ b/CVE-2019-11038.patch
@ -0,0 +1,36 @@
+From c76ed17aee1f88e1bf9b9fc2c9b29a9a462aa347 Mon Sep 17 00:00:00 2001
+From: Jonas Meurer <jonas@freesources.org>
+Date: Tue, 11 Jun 2019 12:16:46 +0200
+Subject: [PATCH] Fix #501: Uninitialized read in gdImageCreateFromXbm
+ (CVE-2019-11038)
+
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-11038
+Bug-Debian: https://bugs.debian.org/929821
+Bug: https://github.com/libgd/libgd/issues/501
+
+We have to ensure that `sscanf()` does indeed read a hex value here,
+and bail out otherwise.
+
+Original patch by Christoph M. Becker <cmbecker69@gmx.de> for PHP libgd ext.
+https://git.php.net/?p=php-src.git;a=commit;h=ed6dee9a198c904ad5e03113e58a2d2c200f5184
+---
+ src/gd_xbm.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/gd_xbm.c b/src/gd_xbm.c
+index 4ca41acf..cf0545ef 100644
+--- a/src/gd_xbm.c
+++ b/src/gd_xbm.c
+@@ -169,7 +169,11 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXbm(FILE * fd)
+ 			}
+ 			h[3] = ch;
+ 		}
+-		sscanf(h, "%x", &b);
+		if (sscanf(h, "%x", &b) != 1) {
+			gd_error("invalid XBM");
+			gdImageDestroy(im);
+			return 0;
+		}
+ 		for (bit = 1; bit <= max_bit; bit = bit << 1) {
+ 			gdImageSetPixel(im, x++, y, (b & bit) ? 1 : 0);
+ 			if (x == im->sx) {
--- a/CVE-2019-6977.patch
+++ b/CVE-2019-6977.patch
@ -0,0 +1,13 @@
+--- a/src/gd_color_match.c	2017-08-30 07:05:54.000000000 -0400
+++ b/src/gd_color_match.c	2019-06-05 07:53:47.058000000 -0400
+@@ -31,8 +31,8 @@ BGD_DECLARE(int) gdImageColorMatch (gdIm
+ 		return -4; /* At least 1 color must be allocated */
+ 	}
+ 
+-	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * im2->colorsTotal);
+-	memset (buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal );
+	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * gdMaxColors);
+	memset( buf, 0, sizeof(unsigned long) * 5 * gdMaxColors );
+ 
+ 	for (x=0; x < im1->sx; x++) {
+ 		for( y=0; y<im1->sy; y++ ) {
--- a/CVE-2019-6978.patch
+++ b/CVE-2019-6978.patch
@ -0,0 +1,216 @@
+From 553702980ae89c83f2d6e254d62cf82e204956d0 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Thu, 17 Jan 2019 11:54:55 +0100
+Subject: [PATCH] Fix #492: Potential double-free in gdImage*Ptr()
+
+Whenever `gdImage*Ptr()` calls `gdImage*Ctx()` and the latter fails, we
+must not call `gdDPExtractData()`; otherwise a double-free would
+happen.  Since `gdImage*Ctx()` are void functions, and we can't change
+that for BC reasons, we're introducing static helpers which are used
+internally.
+
+We're adding a regression test for `gdImageJpegPtr()`, but not for
+`gdImageGifPtr()` and `gdImageWbmpPtr()` since we don't know how to
+trigger failure of the respective `gdImage*Ctx()` calls.
+
+This potential security issue has been reported by Solmaz Salimi (aka.
+Rooney).
+---
+ src/gd_gif_out.c                  | 18 +++++++++++++++---
+ src/gd_jpeg.c                     | 20 ++++++++++++++++----
+ src/gd_wbmp.c                     | 21 ++++++++++++++++++---
+ tests/jpeg/.gitignore             |  1 +
+ tests/jpeg/CMakeLists.txt         |  1 +
+ tests/jpeg/Makemodule.am          |  3 ++-
+ tests/jpeg/jpeg_ptr_double_free.c | 31 +++++++++++++++++++++++++++++++
+ 7 files changed, 84 insertions(+), 11 deletions(-)
+ create mode 100644 tests/jpeg/jpeg_ptr_double_free.c
+
+diff --git a/src/gd_gif_out.c b/src/gd_gif_out.c
+index 298a5812..d5a95346 100644
+--- a/src/gd_gif_out.c
+++ b/src/gd_gif_out.c
+@@ -99,6 +99,7 @@ static void char_init(GifCtx *ctx);
+ static void char_out(int c, GifCtx *ctx);
+ static void flush_char(GifCtx *ctx);
+ 
+static int _gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out);
+ 
+ 
+ 
+@@ -131,8 +132,11 @@ BGD_DECLARE(void *) gdImageGifPtr(gdImagePtr im, int *size)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageGifCtx(im, out);
+-	rv = gdDPExtractData(out, size);
+	if (!_gdImageGifCtx(im, out)) {
+		rv = gdDPExtractData(out, size);
+	} else {
+		rv = NULL;
+	}
+ 	out->gd_free(out);
+ 	return rv;
+ }
+@@ -220,6 +224,12 @@ BGD_DECLARE(void) gdImageGif(gdImagePtr im, FILE *outFile)
+ 
+ */
+ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+{
+	_gdImageGifCtx(im, out);
+}
+
+/* returns 0 on success, 1 on failure */
+static int _gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+ {
+ 	gdImagePtr pim = 0, tim = im;
+ 	int interlace, BitsPerPixel;
+@@ -231,7 +241,7 @@ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+ 		based temporary image. */
+ 		pim = gdImageCreatePaletteFromTrueColor(im, 1, 256);
+ 		if(!pim) {
+-			return;
+			return 1;
+ 		}
+ 		tim = pim;
+ 	}
+@@ -247,6 +257,8 @@ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+ 		/* Destroy palette based temporary image. */
+ 		gdImageDestroy(	pim);
+ 	}
+
+	return 0;
+ }
+ 
+ 
+diff --git a/src/gd_jpeg.c b/src/gd_jpeg.c
+index fc058420..96ef4302 100644
+--- a/src/gd_jpeg.c
+++ b/src/gd_jpeg.c
+@@ -117,6 +117,8 @@ static void fatal_jpeg_error(j_common_ptr cinfo)
+ 	exit(99);
+ }
+ 
+static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality);
+
+ /*
+  * Write IM to OUTFILE as a JFIF-formatted JPEG image, using quality
+  * QUALITY.  If QUALITY is in the range 0-100, increasing values
+@@ -231,8 +233,11 @@ BGD_DECLARE(void *) gdImageJpegPtr(gdImagePtr im, int *size, int quality)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageJpegCtx(im, out, quality);
+-	rv = gdDPExtractData(out, size);
+	if (!_gdImageJpegCtx(im, out, quality)) {
+		rv = gdDPExtractData(out, size);
+	} else {
+		rv = NULL;
+	}
+ 	out->gd_free(out);
+ 	return rv;
+ }
+@@ -253,6 +258,12 @@ void jpeg_gdIOCtx_dest(j_compress_ptr cinfo, gdIOCtx *outfile);
+ 
+ */
+ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+{
+	_gdImageJpegCtx(im, outfile, quality);
+}
+
+/* returns 0 on success, 1 on failure */
+static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ {
+ 	struct jpeg_compress_struct cinfo;
+ 	struct jpeg_error_mgr jerr;
+@@ -287,7 +298,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ 		if(row) {
+ 			gdFree(row);
+ 		}
+-		return;
+		return 1;
+ 	}
+ 
+ 	cinfo.err->emit_message = jpeg_emit_message;
+@@ -328,7 +339,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ 	if(row == 0) {
+ 		gd_error("gd-jpeg: error: unable to allocate JPEG row structure: gdCalloc returns NULL\n");
+ 		jpeg_destroy_compress(&cinfo);
+-		return;
+		return 1;
+ 	}
+ 
+ 	rowptr[0] = row;
+@@ -405,6 +416,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ 	jpeg_finish_compress(&cinfo);
+ 	jpeg_destroy_compress(&cinfo);
+ 	gdFree(row);
+	return 0;
+ }
+ 
+ 
+diff --git a/src/gd_wbmp.c b/src/gd_wbmp.c
+index f19a1c96..a49bdbec 100644
+--- a/src/gd_wbmp.c
+++ b/src/gd_wbmp.c
+@@ -88,6 +88,8 @@ int gd_getin(void *in)
+ 	return (gdGetC((gdIOCtx *)in));
+ }
+ 
+static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out);
+
+ /*
+ 	Function: gdImageWBMPCtx
+ 
+@@ -100,6 +102,12 @@ int gd_getin(void *in)
+ 		out   - the stream where to write
+ */
+ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+{
+	_gdImageWBMPCtx(image, fg, out);
+}
+
+/* returns 0 on success, 1 on failure */
+static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+ {
+ 	int x, y, pos;
+ 	Wbmp *wbmp;
+@@ -107,7 +115,7 @@ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+ 	/* create the WBMP */
+ 	if((wbmp = createwbmp(gdImageSX(image), gdImageSY(image), WBMP_WHITE)) == NULL) {
+ 		gd_error("Could not create WBMP\n");
+-		return;
+		return 1;
+ 	}
+ 
+ 	/* fill up the WBMP structure */
+@@ -123,11 +131,15 @@ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+ 
+ 	/* write the WBMP to a gd file descriptor */
+ 	if(writewbmp(wbmp, &gd_putout, out)) {
+		freewbmp(wbmp);
+ 		gd_error("Could not save WBMP\n");
+		return 1;
+ 	}
+ 
+ 	/* des submitted this bugfix: gdFree the memory. */
+ 	freewbmp(wbmp);
+
+	return 0;
+ }
+ 
+ /*
+@@ -271,8 +283,11 @@ BGD_DECLARE(void *) gdImageWBMPPtr(gdImagePtr im, int *size, int fg)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageWBMPCtx(im, fg, out);
+-	rv = gdDPExtractData(out, size);
+	if (!_gdImageWBMPCtx(im, fg, out)) {
+		rv = gdDPExtractData(out, size);
+	} else {
+		rv = NULL;
+	}
+ 	out->gd_free(out);
+ 	return rv;
+ }
--- a/gd-2.1.0-multilib.patch
+++ b/gd-2.1.0-multilib.patch
@ -0,0 +1,33 @@
+diff -up gd-2.1.0/config/gdlib-config.in.multilib gd-2.1.0/config/gdlib-config.in
+--- gd-2.1.0/config/gdlib-config.in.multilib	2013-04-21 16:58:17.820010758 +0200
+++ gd-2.1.0/config/gdlib-config.in	2013-04-21 16:59:27.896317922 +0200
+@@ -7,9 +7,10 @@
+ # installation directories
+ prefix=@prefix@
+ exec_prefix=@exec_prefix@
+-libdir=@libdir@
+libdir=`pkg-config gdlib --variable=libdir`
+ includedir=@includedir@
+ bindir=@bindir@
+ldflags=`pkg-config gdlib --variable=ldflags`
+ 
+ usage()
+ {
+@@ -68,7 +69,7 @@ while test $# -gt 0; do
+ 	echo @GDLIB_REVISION@
+ 	;;
+     --ldflags)
+-	echo @LDFLAGS@
+	echo $ldflags
+ 	;;
+     --libs)
+ 	echo -lgd @LIBS@ @LIBICONV@
+@@ -83,7 +84,7 @@ while test $# -gt 0; do
+ 	echo "GD library  @VERSION@"
+ 	echo "includedir: $includedir"
+ 	echo "cflags:     -I@includedir@"
+-	echo "ldflags:    @LDFLAGS@"
+	echo "ldflags:    $ldflags"
+ 	echo "libs:       @LIBS@ @LIBICONV@"
+ 	echo "libdir:     $libdir"
+ 	echo "features:   @FEATURES@"
--- a/gd-2.2.5-upstream.patch
+++ b/gd-2.2.5-upstream.patch
@ -0,0 +1,62 @@
+From a11f47475e6443b7f32d21f2271f28f417e2ac04 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Wed, 29 Nov 2017 19:37:38 +0100
+Subject: [PATCH] Fix #420: Potential infinite loop in gdImageCreateFromGifCtx
+
+Due to a signedness confusion in `GetCode_` a corrupt GIF file can
+trigger an infinite loop.  Furthermore we make sure that a GIF without
+any palette entries is treated as invalid *after* open palette entries
+have been removed.
+
+CVE-2018-5711
+
+See also https://bugs.php.net/bug.php?id=75571.
+---
+ src/gd_gif_in.c             |  12 ++++++------
+ tests/gif/.gitignore        |   1 +
+ tests/gif/CMakeLists.txt    |   1 +
+ tests/gif/Makemodule.am     |   2 ++
+ tests/gif/php_bug_75571.c   |  28 ++++++++++++++++++++++++++++
+ tests/gif/php_bug_75571.gif | Bin 0 -> 1731 bytes
+ 6 files changed, 38 insertions(+), 6 deletions(-)
+ create mode 100644 tests/gif/php_bug_75571.c
+ create mode 100644 tests/gif/php_bug_75571.gif
+
+diff --git a/src/gd_gif_in.c b/src/gd_gif_in.c
+index daf26e79..0a8bd717 100644
+--- a/src/gd_gif_in.c
+++ b/src/gd_gif_in.c
+@@ -335,11 +335,6 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGifCtx(gdIOCtxPtr fd)
+ 		return 0;
+ 	}
+ 
+-	if(!im->colorsTotal) {
+-		gdImageDestroy(im);
+-		return 0;
+-	}
+-
+ 	/* Check for open colors at the end, so
+ 	 * we can reduce colorsTotal and ultimately
+ 	 * BitsPerPixel */
+@@ -351,6 +346,11 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGifCtx(gdIOCtxPtr fd)
+ 		}
+ 	}
+ 
+	if(!im->colorsTotal) {
+		gdImageDestroy(im);
+		return 0;
+	}
+
+ 	return im;
+ }
+ 
+@@ -447,7 +447,7 @@ static int
+ GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroDataBlockP)
+ {
+ 	int i, j, ret;
+-	unsigned char count;
+	int count;
+ 
+ 	if(flag) {
+ 		scd->curbit = 0;
+ 
--- a/gd.spec
+++ b/gd.spec
@ -0,0 +1,110 @@
+Name:           gd
+Version:        2.2.5
+Release:        5
+Summary:        A graphics library for quick creation of PNG or JPEG images
+License:        MIT
+URL:            http://libgd.github.io/
+Source0:        https://github.com/libgd/libgd/releases/download/gd-%{version}/libgd-%{version}.tar.xz
+
+#PATCH-FIX-https://github.com/pisilinux/main/tree/master/multimedia/misc/gd/files
+Patch0001:      gd-2.1.0-multilib.patch
+#PATCH-CVE-2018-5711 - https://github.com/libgd/libgd/commit/a11f47475e6443b7f32d21f2271f28f417e2ac04
+Patch0002:      gd-2.2.5-upstream.patch
+#PATCH-FIX-OPENEULER
+Patch6000:      CVE-2019-6977.patch
+Patch6001:      CVE-2019-6978.patch
+Patch6002:      CVE-2018-1000222.patch
+Patch6003:      CVE-2019-11038.patch
+
+BuildRequires:  freetype-devel fontconfig-devel gettext-devel libjpeg-devel libpng-devel libtiff-devel libwebp-devel
+BuildRequires:  libX11-devel libXpm-devel zlib-devel pkgconfig libtool perl-interpreter perl-generators liberation-sans-fonts
+
+Provides:       %{name}-progs
+Obsoletes:      %{name}-progs
+
+%description
+The gd graphics library allows your code to quickly draw images complete with lines, arcs, text,
+multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or
+JPEG file. The most common applications of GD involve website development,
+although it can be used with any standalone application!
+
+%package        devel
+Summary:        The development libraries and header files for gd
+Requires:       %{name}%{?_isa} = %{version}-%{release} freetype-devel%{?_isa} fontconfig-devel%{?_isa} libjpeg-devel%{?_isa}
+Requires:       libpng-devel%{?_isa} libtiff-devel%{?_isa} libwebp-devel%{?_isa} libX11-devel%{?_isa}
+Requires:       libXpm-devel%{?_isa} zlib-devel%{?_isa}
+
+%description    devel
+The gd-devel package contains the development libraries and header files for gd, a graphics
+library for creating PNG and JPEG graphics.The gd-progs package includes utility programs supplied with gd, a
+graphics library for creating PNG and JPEG images.
+
+%prep
+%autosetup -n libgd-%{version} -p1
+
+: $(perl config/getver.pl)
+
+: regenerate autotool stuff
+if [ -f configure ]; then
+   libtoolize --copy --force
+   autoreconf -vif
+else
+   ./bootstrap.sh
+fi
+
+%build
+CFLAGS="$RPM_OPT_FLAGS -DDEFAULT_FONTPATH='\"\
+/usr/share/fonts/bitstream-vera:\
+/usr/share/fonts/dejavu:\
+/usr/share/fonts/default/Type1:\
+/usr/share/X11/fonts/Type1:\
+/usr/share/fonts/liberation\"'"
+
+
+%ifarch aarch64
+# workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1359680
+export CFLAGS="$CFLAGS -ffp-contract=off"
+%endif
+
+%configure \
+    --with-tiff=%{_prefix} \
+    --disable-rpath
+%make_build
+
+%install
+%make_install
+
+%check
+export XFAIL_TESTS
+make check
+
+grep %{version} $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gdlib.pc
+
+%post  -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%defattr(-,root,root)
+%license COPYING
+%{_libdir}/*.so.*
+%{_bindir}/*
+%exclude %{_bindir}/gdlib-config
+
+%files devel
+%{_bindir}/gdlib-config
+%{_includedir}/*
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/gdlib.pc
+%exclude %{_libdir}/libgd.la
+%exclude %{_libdir}/libgd.a
+
+%changelog
+* Wed Sep 25 2019 wangli<wangli221@huawei.com>  2.2.5-5
+- Type:cves
+- ID:CVE-2019-11038
+- SUG:NA
+- DESC:fix cves
+
+* Wed Sep 11 2019 openEuler jimmy<dukaitian@huawei.com> - 2.2.5-4
+- Package init jimmy
--- a/libgd-2.2.5.tar.xz
+++ b/libgd-2.2.5.tar.xz