commit giflib for openSUSE:Factory

Sat, 16 Apr 2016 13:08:20 -0700 

Hello community,

here is the log from the commit of package giflib for openSUSE:Factory checked 
in at 2016-04-16 22:07:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/giflib (Old)
 and      /work/SRC/openSUSE:Factory/.giflib.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "giflib"

Changes:
--------
--- /work/SRC/openSUSE:Factory/giflib/giflib.changes    2016-03-29 
09:53:14.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.giflib.new/giflib.changes       2016-04-16 
22:07:43.000000000 +0200
@@ -1,0 +2,16 @@
+Tue Apr 12 08:34:44 UTC 2016 - [email protected]
+
+- Update to version 5.1.4
+  * Fix SF bug #94: giflib 5 loves to fail to load images... a LOT.
+  * Fix SF Bug #92: Fix buffer overread in gifbuild.
+  * Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path
+  * Fix SF Bug #89: Fix buffer overread in gifbuild.
+- Removed patch:
+  * giflib-sf-88.patch
+    + Integrated upstream
+- Added patch:
+  * giflib-CVE-2016-3977.patch
+    - Fix CVE-2016-3977: heap buffer overflow in gif2rgb
+      (bsc#974847)
+
+-------------------------------------------------------------------

Old:
----
  giflib-5.1.3.tar.bz2
  giflib-sf-88.patch

New:
----
  giflib-5.1.4.tar.bz2
  giflib-CVE-2016-3977.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ giflib.spec ++++++
--- /var/tmp/diff_new_pack.n9cqLo/_old  2016-04-16 22:07:44.000000000 +0200
+++ /var/tmp/diff_new_pack.n9cqLo/_new  2016-04-16 22:07:44.000000000 +0200
@@ -18,7 +18,7 @@
 
 %define lname   libgif7
 Name:           giflib
-Version:        5.1.3
+Version:        5.1.4
 Release:        0
 Summary:        A Library for Working with GIF Images
 License:        MIT
@@ -28,7 +28,7 @@
 Source2:        baselibs.conf
 Patch1:         giflib-visibility.patch
 Patch2:         giflib-automake-1_13.patch
-Patch3:         giflib-sf-88.patch
+Patch3:         giflib-CVE-2016-3977.patch
 BuildRequires:  libtool >= 2
 BuildRequires:  xorg-x11-libICE-devel
 BuildRequires:  xorg-x11-libSM-devel

++++++ giflib-5.1.3.tar.bz2 -> giflib-5.1.4.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/NEWS new/giflib-5.1.4/NEWS
--- old/giflib-5.1.3/NEWS       2016-03-17 17:31:46.000000000 +0100
+++ new/giflib-5.1.4/NEWS       2016-04-02 17:35:30.000000000 +0200
@@ -1,5 +1,20 @@
                        GIFLIB NEWS
 
+
+Version 5.1.4
+=============
+
+Code Fixes
+----------
+
+* Fix SF bug #94: giflib 5 loves to fail to load images... a LOT.
+
+* Fix SF Bug #92: Fix buffer overread in gifbuild.
+
+* Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path
+
+* Fix SF Bug #89: Fix buffer overread in gifbuild.
+
 Version 5.1.3
 =============
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/configure new/giflib-5.1.4/configure
--- old/giflib-5.1.3/configure  2016-03-17 17:31:57.000000000 +0100
+++ new/giflib-5.1.4/configure  2016-04-02 17:36:45.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for giflib 5.1.3.
+# Generated by GNU Autoconf 2.69 for giflib 5.1.4.
 #
 # Report bugs to <[email protected]>.
 #
@@ -590,8 +590,8 @@
 # Identity of this package.
 PACKAGE_NAME='giflib'
 PACKAGE_TARNAME='giflib'
-PACKAGE_VERSION='5.1.3'
-PACKAGE_STRING='giflib 5.1.3'
+PACKAGE_VERSION='5.1.4'
+PACKAGE_STRING='giflib 5.1.4'
 PACKAGE_BUGREPORT='[email protected]'
 PACKAGE_URL=''
 
@@ -1314,7 +1314,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures giflib 5.1.3 to adapt to many kinds of systems.
+\`configure' configures giflib 5.1.4 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1384,7 +1384,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of giflib 5.1.3:";;
+     short | recursive ) echo "Configuration of giflib 5.1.4:";;
    esac
   cat <<\_ACEOF
 
@@ -1489,7 +1489,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-giflib configure 5.1.3
+giflib configure 5.1.4
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1858,7 +1858,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by giflib $as_me 5.1.3, which was
+It was created by giflib $as_me 5.1.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2723,7 +2723,7 @@
 
 # Define the identity of the package.
  PACKAGE='giflib'
- VERSION='5.1.3'
+ VERSION='5.1.4'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -13218,7 +13218,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by giflib $as_me 5.1.3, which was
+This file was extended by giflib $as_me 5.1.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -13284,7 +13284,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-giflib config.status 5.1.3
+giflib config.status 5.1.4
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/configure.ac 
new/giflib-5.1.4/configure.ac
--- old/giflib-5.1.3/configure.ac       2016-03-17 17:31:46.000000000 +0100
+++ new/giflib-5.1.4/configure.ac       2016-04-02 17:35:30.000000000 +0200
@@ -1,5 +1,5 @@
 dnl Process this file with autoconf to produce a configure script.
-AC_INIT(giflib, [5.1.3], [[email protected]], giflib)
+AC_INIT(giflib, [5.1.4], [[email protected]], giflib)
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_SRCDIR([lib/dgif_lib.c])
 AM_INIT_AUTOMAKE([gnu dist-bzip2 -Wall])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/doc/gif2rgb.1 
new/giflib-5.1.4/doc/gif2rgb.1
--- old/giflib-5.1.3/doc/gif2rgb.1      2016-03-17 17:29:39.000000000 +0100
+++ new/giflib-5.1.4/doc/gif2rgb.1      2016-04-02 17:34:45.000000000 +0200
@@ -66,7 +66,7 @@
 .PP
 By default, convert a GIF input file to RGB triplets\&. If \-s is specified, 
convert RGB input to a GIF\&.
 .PP
-If no input file is given, gif2rgb will try to read adata from stdin\&.
+If no input file is given, gif2rgb will try to read data from stdin\&.
 .SH "AUTHOR"
 .PP
 Gershon Elber\&.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/doc/gif2rgb.xml 
new/giflib-5.1.4/doc/gif2rgb.xml
--- old/giflib-5.1.3/doc/gif2rgb.xml    2014-05-16 12:46:53.000000000 +0200
+++ new/giflib-5.1.4/doc/gif2rgb.xml    2016-04-02 17:34:00.000000000 +0200
@@ -84,7 +84,7 @@
 <para>By default, convert a GIF input file to RGB triplets.  If -s is 
 specified, convert RGB input to a GIF.</para>
 
-<para>If no input file is given, gif2rgb will try to read adata
+<para>If no input file is given, gif2rgb will try to read data
 from stdin.</para>
 
 </refsect1>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/lib/dgif_lib.c 
new/giflib-5.1.4/lib/dgif_lib.c
--- old/giflib-5.1.3/lib/dgif_lib.c     2016-03-17 17:27:57.000000000 +0100
+++ new/giflib-5.1.4/lib/dgif_lib.c     2016-04-02 17:34:00.000000000 +0200
@@ -89,7 +89,7 @@
     GifFile->SavedImages = NULL;
     GifFile->SColorMap = NULL;
 
-    Private = (GifFilePrivateType *)malloc(sizeof(GifFilePrivateType));
+    Private = (GifFilePrivateType *)calloc(1, sizeof(GifFilePrivateType));
     if (Private == NULL) {
         if (Error != NULL)
            *Error = D_GIF_ERR_NOT_ENOUGH_MEM;
@@ -175,7 +175,7 @@
     GifFile->SavedImages = NULL;
     GifFile->SColorMap = NULL;
 
-    Private = (GifFilePrivateType *)malloc(sizeof(GifFilePrivateType));
+    Private = (GifFilePrivateType *)calloc(1, sizeof(GifFilePrivateType));
     if (!Private) {
         if (Error != NULL)
            *Error = D_GIF_ERR_NOT_ENOUGH_MEM;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/lib/gif_lib.h 
new/giflib-5.1.4/lib/gif_lib.h
--- old/giflib-5.1.3/lib/gif_lib.h      2016-03-17 17:31:46.000000000 +0100
+++ new/giflib-5.1.4/lib/gif_lib.h      2016-04-02 17:35:30.000000000 +0200
@@ -13,7 +13,7 @@
 
 #define GIFLIB_MAJOR 5
 #define GIFLIB_MINOR 1
-#define GIFLIB_RELEASE 3
+#define GIFLIB_RELEASE 4
 
 #define GIF_ERROR   0
 #define GIF_OK      1
Files old/giflib-5.1.3/tests/FOO and new/giflib-5.1.4/tests/FOO differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/giflib-5.1.3/util/gifbuild.c 
new/giflib-5.1.4/util/gifbuild.c
--- old/giflib-5.1.3/util/gifbuild.c    2014-05-16 12:46:53.000000000 +0200
+++ new/giflib-5.1.4/util/gifbuild.c    2016-04-02 17:34:10.000000000 +0200
@@ -692,6 +692,7 @@
            putchar('\n');
            while (!last && ep[1].Function == CONTINUE_EXT_FUNC_CODE) {
                ++ep;
+               last = (ep - ExtensionBlocks == (ExtensionBlockCount - 1));
                VisibleDumpBuffer(ep->Bytes, ep->ByteCount);
                putchar('\n');
            }
@@ -703,6 +704,7 @@
            putchar('\n');
            while (!last && ep[1].Function == CONTINUE_EXT_FUNC_CODE) {
                ++ep;
+               last = (ep - ExtensionBlocks == (ExtensionBlockCount - 1));
                VisibleDumpBuffer(ep->Bytes, ep->ByteCount);
                putchar('\n');
            }
@@ -723,7 +725,10 @@
            printf("\ttransparent index %d\n", gcb.TransparentColor);
            printf("end\n\n");
        }
-       else if (ep->Function == APPLICATION_EXT_FUNC_CODE 
+       else if (!last
+                && ep->Function == APPLICATION_EXT_FUNC_CODE
+                && ep->ByteCount >= 11
+                && (ep+1)->ByteCount >= 3
                 && memcmp(ep->Bytes, "NETSCAPE2.0", 11) == 0) {
            unsigned char *params = (++ep)->Bytes;
            unsigned int loopcount = params[1] | (params[2] << 8);
@@ -734,6 +739,7 @@
            VisibleDumpBuffer(ep->Bytes, ep->ByteCount);
            while (!last && ep[1].Function == CONTINUE_EXT_FUNC_CODE) {
                ++ep;
+               last = (ep - ExtensionBlocks == (ExtensionBlockCount - 1));
                VisibleDumpBuffer(ep->Bytes, ep->ByteCount);
                putchar('\n');
            }

++++++ giflib-CVE-2016-3977.patch ++++++
--- giflib-5.1.4/util/gif2rgb.c 2016-03-17 17:24:17.000000000 +0100
+++ giflib-5.1.4/util/gif2rgb.c 2016-04-12 10:37:35.672174495 +0200
@@ -471,6 +471,12 @@
         exit(EXIT_FAILURE);
     }
 
+    /* check that the background color isn't garbage (SF bug #87) */
+    if (GifFile->SBackGroundColor < 0 || GifFile->SBackGroundColor >= 
ColorMap->ColorCount) {
+        fprintf(stderr, "Background color out of range for colormap\n");
+        exit(EXIT_FAILURE);
+    }
+
     DumpScreen2RGB(OutFileName, OneFileFlag,
                   ColorMap,
                   ScreenBuffer,

Reply via email to