File _patchinfo of Package patchinfo.32781
<patchinfo incident="32781">
<issue tracker="cve" id="2023-48161"/>
<issue tracker="cve" id="2022-28506"/>
<issue tracker="cve" id="2021-40633"/>
<issue tracker="bnc" id="1200551">VUL-1: CVE-2021-40633: giflib: excessive memory consumption may lead to denial of service</issue>
<issue tracker="bnc" id="1198880">VUL-1: CVE-2022-28506: giflib: Heap Buffer overflow in function DumpScreen2RGB()</issue>
<issue tracker="bnc" id="1217390">VUL-0: CVE-2023-48161: giflib: buffer overflow via the DumpSCreen2RGB function</issue>
<packager>fstrba</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for giflib</summary>
<description>This update for giflib fixes the following issues:
Update to version 5.2.2:
* Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880)
* #138: Documentation for obsolete utilities still installed
* #139: Typo in "LZW image data" page ("110_2 = 4_10")
* #140: Typo in "LZW image data" page ("LWZ")
* #141: Typo in "Bits and bytes" page ("filed")
* Note as already fixed SF issue #143: cannot compile under mingw
* #144: giflib-5.2.1 cannot be built on windows and other platforms using c89
* #145: Remove manual pages installation for binaries that are not installed too
* #146: [PATCH] Limit installed man pages to binaries, move giflib to section 7
* #147: [PATCH] Fixes to doc/whatsinagif/ content
* #148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB
* Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1
* Declared Won't-fix on SF issue #149: Out of source builds no longer possible
* #151: A heap-buffer-overflow in gif2rgb.c:294:45
* #152: Fix some typos on the html documentation and man pages
* #153: Fix segmentation faults due to incorrect checking for args
* #154: Recover the giffilter manual page
* #155: Add gifsponge docs
* #157: An OutofMemory-Exception or Memory Leak in gif2rgb
* #158: There is a null pointer problem in gif2rgb
* #159: A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45
* #163: detected memory leaks in openbsd_reallocarray giflib/openbsd-reallocarray.c
* #164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c
* #166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c
* #167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c
</description>
</patchinfo>