Control: forcemerge 1102520 1103499

Hi,

On Fri, Apr 18, 2025 at 03:13:41PM +0800, liubo wrote:
> Source: giflib
> Version: 5.2.2-1
> Severity: normal
> Tags: security patch
>
>
> Dear Maintainer,
>
> I'm submitting a patch for heap-buffer-overflow in the giflib package.
>
> Vulnerability details:
> - Description: In CVE-2022-28506 has fixed the DumpScreen2RGB
> if(OneFileFlag=true) case, but has not fixed the else case.
> You can view the details on this
> issue: https://gitee.com/src-openeuler/giflib/issues/IBCFC4.
> - Affected versions: All versions
> - Fixed patch
> in: https://gitee.com/src-openeuler/giflib/commit/2c10c1abf8ff2e88b1da04e050bb721487b73fa3
>
> The patch has been tested on Debian sid and works correctly.
>
> If you think it necessary, please help me upload it to upstream

This is already reported as #1102520.

Regards,
Salvatore