commit giflib for openSUSE:Factory

Source-Sync Wed, 09 Apr 2025 12:51:13 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package giflib for openSUSE:Factory checked 
in at 2025-04-09 21:49:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/giflib (Old)
 and      /work/SRC/openSUSE:Factory/.giflib.new.1907 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "giflib"

Wed Apr  9 21:49:37 2025 rev:44 rq:1267905 version:5.2.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/giflib/giflib.changes    2024-02-27 
22:44:17.805723738 +0100
+++ /work/SRC/openSUSE:Factory/.giflib.new.1907/giflib.changes  2025-04-09 
21:49:57.833343973 +0200
@@ -1,0 +2,7 @@
+Tue Apr  1 07:03:14 UTC 2025 - Fridrich Strba <fst...@suse.com>
+
+- Added patch:
+  * giflib-bsc1240416.patch
+    + fixing bsc#1240416: buffer overflow in function DumpScreen2RGB
+
+-------------------------------------------------------------------

New:
----
  giflib-bsc1240416.patch

BETA DEBUG BEGIN:
  New:- Added patch:
  * giflib-bsc1240416.patch
    + fixing bsc#1240416: buffer overflow in function DumpScreen2RGB
BETA DEBUG END:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ giflib.spec ++++++
--- /var/tmp/diff_new_pack.6RNh1O/_old  2025-04-09 21:49:58.301363681 +0200
+++ /var/tmp/diff_new_pack.6RNh1O/_new  2025-04-09 21:49:58.301363681 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package giflib
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -30,6 +30,7 @@
 Patch1:         PIE.patch
 Patch2:         reproducible.patch
 Patch3:         0001-Clean-up-memory-better-at-end-of-run-CVE-2021-40633.patch
+Patch4:         giflib-bsc1240416.patch
 BuildRequires:  fdupes
 BuildRequires:  libtool >= 2
 

++++++ giflib-bsc1240416.patch ++++++
--- giflib-5.2.2/gif2rgb.c      2024-02-19 04:01:28.000000000 +0100
+++ giflib-5.2.2/gif2rgb.c      2025-04-01 08:46:15.097464811 +0200
@@ -329,6 +329,11 @@
                        GifRow = ScreenBuffer[i];
                        GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
                        for (j = 0; j < ScreenWidth; j++) {
+                               /* Check if color is within color palete */
+                               if (GifRow[j] >= ColorMap->ColorCount) {
+                                       GIF_EXIT(GifErrorString(
+                                           D_GIF_ERR_IMAGE_DEFECT));
+                               }
                                ColorMapEntry = &ColorMap->Colors[GifRow[j]];
                                Buffers[0][j] = ColorMapEntry->Red;
                                Buffers[1][j] = ColorMapEntry->Green;

commit giflib for openSUSE:Factory

Reply via email to