Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package giflib for openSUSE:Factory checked in at 2025-04-09 21:49:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/giflib (Old) and /work/SRC/openSUSE:Factory/.giflib.new.1907 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "giflib" Wed Apr 9 21:49:37 2025 rev:44 rq:1267905 version:5.2.2 Changes: -------- --- /work/SRC/openSUSE:Factory/giflib/giflib.changes 2024-02-27 22:44:17.805723738 +0100 +++ /work/SRC/openSUSE:Factory/.giflib.new.1907/giflib.changes 2025-04-09 21:49:57.833343973 +0200 @@ -1,0 +2,7 @@ +Tue Apr 1 07:03:14 UTC 2025 - Fridrich Strba <fst...@suse.com> + +- Added patch: + * giflib-bsc1240416.patch + + fixing bsc#1240416: buffer overflow in function DumpScreen2RGB + +------------------------------------------------------------------- New: ---- giflib-bsc1240416.patch BETA DEBUG BEGIN: New:- Added patch: * giflib-bsc1240416.patch + fixing bsc#1240416: buffer overflow in function DumpScreen2RGB BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ giflib.spec ++++++ --- /var/tmp/diff_new_pack.6RNh1O/_old 2025-04-09 21:49:58.301363681 +0200 +++ /var/tmp/diff_new_pack.6RNh1O/_new 2025-04-09 21:49:58.301363681 +0200 @@ -1,7 +1,7 @@ # # spec file for package giflib # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,6 +30,7 @@ Patch1: PIE.patch Patch2: reproducible.patch Patch3: 0001-Clean-up-memory-better-at-end-of-run-CVE-2021-40633.patch +Patch4: giflib-bsc1240416.patch BuildRequires: fdupes BuildRequires: libtool >= 2 ++++++ giflib-bsc1240416.patch ++++++ --- giflib-5.2.2/gif2rgb.c 2024-02-19 04:01:28.000000000 +0100 +++ giflib-5.2.2/gif2rgb.c 2025-04-01 08:46:15.097464811 +0200 @@ -329,6 +329,11 @@ GifRow = ScreenBuffer[i]; GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); for (j = 0; j < ScreenWidth; j++) { + /* Check if color is within color palete */ + if (GifRow[j] >= ColorMap->ColorCount) { + GIF_EXIT(GifErrorString( + D_GIF_ERR_IMAGE_DEFECT)); + } ColorMapEntry = &ColorMap->Colors[GifRow[j]]; Buffers[0][j] = ColorMapEntry->Red; Buffers[1][j] = ColorMapEntry->Green;