Diffstat (limited to 'libs/giflib/patches')
-rw-r--r-- | libs/giflib/patches/010-CVE-2022-28506.patch | 14 | ||||
-rw-r--r-- | libs/giflib/patches/020-CVE-2023-39742.patch | 24 |
2 files changed, 38 insertions, 0 deletions
diff --git a/libs/giflib/patches/010-CVE-2022-28506.patch b/libs/giflib/patches/010-CVE-2022-28506.patch
new file mode 100644
index 000000000..f6de2bee2
--- /dev/null
+++ b/libs/giflib/patches/010-CVE-2022-28506.patch
@@ -0,0 +1,14 @@
+--- a/gif2rgb.c
++++ b/gif2rgb.c
+@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam
+ GifRow = ScreenBuffer[i];
+ GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+ for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
++ /* Check if color is within color palete */
++ if (GifRow[j] >= ColorMap->ColorCount)
++ {
++ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
++ }
+ ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+ *BufferP++ = ColorMapEntry->Red;
+ *BufferP++ = ColorMapEntry->Green;
diff --git a/libs/giflib/patches/020-CVE-2023-39742.patch b/libs/giflib/patches/020-CVE-2023-39742.patch
new file mode 100644
index 000000000..8d01c93f6
--- /dev/null
+++ b/libs/giflib/patches/020-CVE-2023-39742.patch
@@ -0,0 +1,24 @@
+Description: Fix segmentation faults due to non correct checking for args
+Author: David Suárez <david.sephirot@gmail.com>
+Origin: vendor
+Bug: https://sourceforge.net/p/giflib/bugs/153/
+Bug-Debian: https://bugs.debian.org/715963
+Bug-Debian: https://bugs.debian.org/715964
+Bug-Debian: https://bugs.debian.org/715967
+Last-Update: 2020-12-20
+
+--- a/getarg.c
++++ b/getarg.c
+@@ -307,6 +307,12 @@ GAGetParmeters(void *Parameters[],
+ int i = 0, ScanRes;
+
+ while (!(ISSPACE(CtrlStrCopy[i]))) {
++
++ if ((*argv) == argv_end) {
++ GAErrorToken = Option;
++ return CMD_ERR_NumRead;
++ }
++
+ switch (CtrlStrCopy[i + 1]) {
+ case 'd': /* Get signed integers. */
+ ScanRes = sscanf(*((*argv)++), "%d", |
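Review bot: The bounds check in 010-CVE-2022-28506.patch covers only the loop that fills `Buffer` through `BufferP`. DumpScreen2RGB starts and ends outside this hunk, so any other loop in it that indexes `ColorMap->Colors[GifRow[j]]` would need the same `if (GifRow[j] >= ColorMap->ColorCount)` guard; that is worth confirming against the full gif2rgb.c before treating the CVE as closed. The patch also has no Description/Origin header, unlike 020, so its provenance cannot be audited from the file itself. The added comment has a typo and could read `/* Check if color is within color palette */`.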
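Review bot: The header of 020-CVE-2023-39742.patch never names the CVE that its filename claims to fix; it cites only the SourceForge and Debian bug numbers and a Last-Update of 2020-12-20. A sentence in the Description linking those bugs to CVE-2023-39742 would let an auditor verify the mapping. The new guard also has no comment; something like `/* No argument left for this option: stop before *argv is read past argv_end. */` above `if ((*argv) == argv_end)` would explain why it sits ahead of the switch. GAGetParmeters starts and ends outside the hunk, so it cannot be confirmed here that every case consumes at most one argument per loop pass, which the single check per iteration presumably relies on.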