libgd 2.0 / NEWS

'GD                                                                         NEWS
GD 2.0.35 (2007-06-21)
41, Fix valgrind error in gdImageFillTiled (Nuno Lopes) 
45, Add missing custom cmake macros (required for the tests suite)
51, Avoid signature buffer copy  in gd_gif_c (Nuno Lopes)
48, Race condition in gdImageStringFTEx (Antony Dogval, Pierre 
    Scott MacVicar)
52, Reading GIF images is not thread safe (static usage in private
    functions) (Roman Nemecek, Nuno Lopes, Pierre)
60, GIF Local palette is read twice
66, GIF, Use local frame dimension when possible instead of the 
    logical screen size (Pierre)
68, OpenVMS build support, see VMS/README.VMS for the details 
    (Alexey Chupahin)
70, GIF, do not try to use the global colmap if it does not exist
    (Nuno Lopes, Pierre)
72, gdImageAALine draws axis lines with two pixels width (Pierre)
73, TTF usage doesn't work properly on Netware (Guenter Knauf, Scott MacVicar)
74, gdImageArc CPU usage with large angles (Pierre)
78, gdImageFilledRectangle regression fixed when used with reversed edges
86, Possible infinite loop in libgd/gd_png.c, flaw found by Xavier Roche
87, Fixed segfault when an invalid color index is present in a GIF 
    image data, reported by Elliot <wccode at gmail dot com> (Pierre)
89, Possible integer overflow in gdImageCreateTrueColor (Pierre)
94, gdImageCreateXbm can crash if gdImageCreate fails (Pierre)

GD 2.0.34 (2007-02-07)
 3, Initialize variables in tweenColorTest, fix cache
 4, gdImageFill, multiple segfaults with patterns or invalid arguments
 5, gdImageRectangle draws corners twice
 6, GIF Output does use the transparent color with truecolor images
 7, Multiple security issues in GIF loader
 8, gdIimageCopy doen't use the alpha channel
 9, Add autogen and and misc configure/makefile (Lars Hecking)
10, gdImageFilledEllipse does not respect transparency
11, gdImageCreateFromPng*  crashes with empty file
12, gdImageCreateFromPngCrx, initialize the signature buffer not the
13, leak in jinit_2pass_quantizer (gd_topal.c)
14, Added santiy checks for possible memory allocation errors
15, gdImageCreatePaletteFromTrueColor, later color allocations overwrite
    the palette colors (Rob Leslie)
16, Obscure error on Sun's compiler in entities.tcl
    (John Ellson/Graphviz)
17, gdImageCreate, invalid gdFree call when overflow2 fails
18, HWB_Diff, invalid usage of abs instead of fabs
    (Nick Atty)
19, Fixed gdImageCopyMergeGray when used with a true color image
20, transparency preservation in gdImageCopyRotated
21, Out of range checks in gdImageSetAAPixelColor
22, gdFontCacheSetup does not stop on error
23, Errors when gdImageStringFTEx is called with an empty string
    (Kevin Scaldeferri)
24, gdft.c, uninitialized variable "charmap" and avoid divide-by-zero
    (John Ellson/Graphviz)
25, DISABLE_THREADS to permit disabling of thread support
    (John Ellson/Graphviz)
26, dynamicGetbuf, sourceGetbuf must return 0 for errors and EOF
27, gdSeek declaration is wrong
29, Windows native makefile (Edin Kadribašić)
30, restores the ability to recognize and handle a font with
    Adobe-specific character encoding. Added gdFTEX_Adobe_Custom.
31, Shared library support on cygwin (Dr. Volker Zell)
32, Pattern-fill works incorrectly if tile is created via
    gdImageCreateTruecolor (Ethan Merritt)
33, malformed PNG image crashes  (CRC error)
34, reading some gif images creates infinite loop
36, gdImageFillToBorder crashes when used with alpha
40, possible Buffer overflow in the gdImageStringFTEx function
    in gdft.c (CVE-2007-0455) (Kees Cook)