From 3ee93968e10126adc7dad5c8872f0170c3421e13 Mon Sep 17 00:00:00 2001 From: zorz Date: Tue, 5 May 2026 18:29:35 +0300 Subject: various obsolette --- giflib/giflib-5.2.2-security_fixes-1.patch | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 giflib/giflib-5.2.2-security_fixes-1.patch (limited to 'giflib/giflib-5.2.2-security_fixes-1.patch') diff --git a/giflib/giflib-5.2.2-security_fixes-1.patch b/giflib/giflib-5.2.2-security_fixes-1.patch new file mode 100644 index 0000000..b81d28a --- /dev/null +++ b/giflib/giflib-5.2.2-security_fixes-1.patch @@ -0,0 +1,27 @@ +Submitted By: Douglas R. Reno +Date: 2025-05-19 +Initial Package Version: 5.2.2 +Upstream Status: Abandoned +Origin: OpenMandriva (see BLFS Ticket #21574) +Description: Fixes several CVEs in giflib that are known to lead to + a heap buffer overflow. The CVEs in question are + CVE-2025-31344, CVE-2024-45993, CVE-2023-48161, and + CVE-2022-28506. The CVEs are all rated High, and are + known to cause crashes with a lower chance of impacts + including arbitrary code execution. + +diff -Naurp giflib-5.2.2.orig/gif2rgb.c giflib-5.2.2/gif2rgb.c +--- giflib-5.2.2.orig/gif2rgb.c 2024-02-18 21:01:28.000000000 -0600 ++++ giflib-5.2.2/gif2rgb.c 2025-05-19 15:23:36.911153908 -0500 +@@ -329,6 +329,11 @@ static void DumpScreen2RGB(char *FileNam + GifRow = ScreenBuffer[i]; + GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); + for (j = 0; j < ScreenWidth; j++) { ++ /* Check if color is within color palete */ ++ if (GifRow[j] >= ColorMap->ColorCount) { ++ GIF_EXIT(GifErrorString( ++ D_GIF_ERR_IMAGE_DEFECT)); ++ } + ColorMapEntry = &ColorMap->Colors[GifRow[j]]; + Buffers[0][j] = ColorMapEntry->Red; + Buffers[1][j] = ColorMapEntry->Green; -- cgit v1.2.3