diff options
| author | Rosen Penev <rosenp@gmail.com> | 2024-02-10 15:46:21 -0800 |
|---|---|---|
| committer | Rosen Penev <rosenp@gmail.com> | 2024-02-10 18:35:25 -0800 |
| commit | 9c35e6360859b90b1cfbb65ee6c7ae23bb5c42a1 (patch) | |
| tree | 9f5cb9b05cdd746a1d8bafbb404220d235d5f957 /libs/giflib | |
| parent | 1974a441d501d91e09240e61e29b629726dd5552 (diff) | |
giflib: fix CVEs
Patches taken from Fedora
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Diffstat (limited to 'libs/giflib')
| -rw-r--r-- | libs/giflib/Makefile | 2 | ||||
| -rw-r--r-- | libs/giflib/patches/010-CVE-2022-28506.patch | 14 | ||||
| -rw-r--r-- | libs/giflib/patches/020-CVE-2023-39742.patch | 24 |
3 files changed, 39 insertions, 1 deletions
diff --git a/libs/giflib/Makefile b/libs/giflib/Makefile index a6174e982..722c7bdfe 100644 --- a/libs/giflib/Makefile +++ b/libs/giflib/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=giflib PKG_VERSION:=5.2.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@SF/giflib diff --git a/libs/giflib/patches/010-CVE-2022-28506.patch b/libs/giflib/patches/010-CVE-2022-28506.patch new file mode 100644 index 000000000..f6de2bee2 --- /dev/null +++ b/libs/giflib/patches/010-CVE-2022-28506.patch @@ -0,0 +1,14 @@ +--- a/gif2rgb.c ++++ b/gif2rgb.c +@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam + GifRow = ScreenBuffer[i]; + GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); + for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) { ++ /* Check if color is within color palete */ ++ if (GifRow[j] >= ColorMap->ColorCount) ++ { ++ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT)); ++ } + ColorMapEntry = &ColorMap->Colors[GifRow[j]]; + *BufferP++ = ColorMapEntry->Red; + *BufferP++ = ColorMapEntry->Green; diff --git a/libs/giflib/patches/020-CVE-2023-39742.patch b/libs/giflib/patches/020-CVE-2023-39742.patch new file mode 100644 index 000000000..8d01c93f6 --- /dev/null +++ b/libs/giflib/patches/020-CVE-2023-39742.patch @@ -0,0 +1,24 @@ +Description: Fix segmentation faults due to non correct checking for args +Author: David Suárez <david.sephirot@gmail.com> +Origin: vendor +Bug: https://sourceforge.net/p/giflib/bugs/153/ +Bug-Debian: https://bugs.debian.org/715963 +Bug-Debian: https://bugs.debian.org/715964 +Bug-Debian: https://bugs.debian.org/715967 +Last-Update: 2020-12-20 + +--- a/getarg.c ++++ b/getarg.c +@@ -307,6 +307,12 @@ GAGetParmeters(void *Parameters[], + int i = 0, ScanRes; + + while (!(ISSPACE(CtrlStrCopy[i]))) { ++ ++ if ((*argv) == argv_end) { ++ GAErrorToken = Option; ++ return CMD_ERR_NumRead; ++ } ++ + switch (CtrlStrCopy[i + 1]) { + case 'd': /* Get signed integers. */ + ScanRes = sscanf(*((*argv)++), "%d", |