Bug#1002667: marked as done (gif2apng: CVE-2021-45910: Heap based buffer overflow in the main function)
Your message dated Sun, 14 Aug 2022 15:47:08 +
with message-id
and subject line Bug#1002667: fixed in gif2apng 1.9+srconly-3+deb11u1
has caused the Debian Bug report #1002667,
regarding gif2apng: CVE-2021-45910: Heap based buffer overflow in the main
function
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1002667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002667
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gif2apng
Version: 1.9+srconly-3
Severity: important
Tags: security
Dear Maintainer,
I found a heap overflow in the main function of the gif2apng application. The
issue exists within the for loops in the following code from the main function
in gif2apng.cpp:
if (coltype == 2)
{
for (j=0; jh2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + ((k+y0)*w + x0)*3;
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + (k+y0)*w + x0;
if (shuffle)
{
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + ((k+y0)*w + x0)*3;
if ( ( (j*w0 + w0) > buffer_size) || ( k+y0)*w + x0)*3) + w0
* 3 ) > imagesize) || k+y0)*w + x0)*3) < 0 ) || ( (j*w0) < 0)) {
printf("Something is wrong with the size values\n");
exit(0);
}
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + (k+y0)*w + x0;
if ( ( (j*w0 + w0) > buffer_size) || ( (((k+y0)*w + x0) + w0 ) >
imagesize) || k+y0)*w + x0)) < 0 ) || ( (j*w0) < 0)) {
printf("Something is wrong with the size values\n");
exit(0);
}
if (shuffle)
{
for (i=0; i
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gif2apng
Source-Version: 1.9+srconly-3+deb11u1
Done: Håvard F. Aasen
We believe that the bug you reported is fixed in the latest version of
gif2apng, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1002...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Håvard F. Aasen (supplier of updated gif2apng package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 28 Jul 2022 23:21:32 +0200
Source: gif2apng
Architecture: source
Version: 1.9+srconly-3+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian QA Group
Changed-By: Håvard F. Aasen
Closes: 1002667 1002668 1002687
Changes:
gif2apng (1.9+srconly-3+deb11u1) bullseye; urgency=medium
.
* Non-maintainer upload.
* CVE-2021-45909, Closes: #1002668:
heap based buffer overflow in the DecodeLZW
* CVE-2021-45910, Closes: #1002667:
heap-based buffer overflow within the main function
* CVE-2021-45911, Closes: #1002687:
heap based buffer overflow in processing of delays in the main function
Checksums-Sha1:
33e3f54d215b550b3db7baa5659af8016671a2cc 1976
gif2apng_1.9+srconly-3+deb11u1.dsc
55b70a112416a5409ffc82e40ee4b6be5c05c75f 8972
gif2apng_1.9+srconly-3+deb11u1.debian.tar.xz
9e79488104d6a0a994ccf69118cd04aa669c246c 5845
gif2apng_1.9+srconly-3+deb11u1_source.buildinfo
Checksums-Sha256:
65826fa4e6786d220a42bf9fd611149bd93a977d2b0f63ff72c1b7f4c4477704 1976
gif2apng_1.9+srconly-3+deb11u1.dsc
753476fd86ef70c12cbcfe0fbe828e692a12eb9f5467c6e87ab323b9337c8a78 8972
gif2apng_1.9+srconly-3+deb11u1.debian.tar.xz
55188a21369a197ad21a9d26a8df1c83491b85df94df520b4614e0b0e24d3148 5845
gif2apng_1.9+srconly-3+deb11u1_source.buildinfo
Files:
716545a1210a0702c2a2c3d3f297db46 1976 graphics optional
gif2apng_1.9+srconly-3+deb11u1.dsc
54a67e604f7d352314a6bce97ff7b655 8972 graphics optional
gif2apng_1.9+srconly-3+deb11u1.debian.tar.xz
e0d7b9ec1cc824ea68c615bac183c848 5845 graphics optional
Bug#1002667: marked as done (gif2apng: CVE-2021-45910: Heap based buffer overflow in the main function)
Your message dated Sat, 13 Aug 2022 17:02:32 +
with message-id
and subject line Bug#1002667: fixed in gif2apng 1.9+srconly-2+deb10u1
has caused the Debian Bug report #1002667,
regarding gif2apng: CVE-2021-45910: Heap based buffer overflow in the main
function
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1002667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002667
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gif2apng
Version: 1.9+srconly-3
Severity: important
Tags: security
Dear Maintainer,
I found a heap overflow in the main function of the gif2apng application. The
issue exists within the for loops in the following code from the main function
in gif2apng.cpp:
if (coltype == 2)
{
for (j=0; jh2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + ((k+y0)*w + x0)*3;
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + (k+y0)*w + x0;
if (shuffle)
{
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + ((k+y0)*w + x0)*3;
if ( ( (j*w0 + w0) > buffer_size) || ( k+y0)*w + x0)*3) + w0
* 3 ) > imagesize) || k+y0)*w + x0)*3) < 0 ) || ( (j*w0) < 0)) {
printf("Something is wrong with the size values\n");
exit(0);
}
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + (k+y0)*w + x0;
if ( ( (j*w0 + w0) > buffer_size) || ( (((k+y0)*w + x0) + w0 ) >
imagesize) || k+y0)*w + x0)) < 0 ) || ( (j*w0) < 0)) {
printf("Something is wrong with the size values\n");
exit(0);
}
if (shuffle)
{
for (i=0; i
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gif2apng
Source-Version: 1.9+srconly-2+deb10u1
Done: Håvard F. Aasen
We believe that the bug you reported is fixed in the latest version of
gif2apng, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1002...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Håvard F. Aasen (supplier of updated gif2apng package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 28 Jul 2022 23:56:21 +0200
Source: gif2apng
Architecture: source
Version: 1.9+srconly-2+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Khalid El Fathi
Changed-By: Håvard F. Aasen
Closes: 1002667 1002668 1002687
Changes:
gif2apng (1.9+srconly-2+deb10u1) buster; urgency=medium
.
* Non-maintainer upload.
* CVE-2021-45909, Closes: #1002668:
heap based buffer overflow in the DecodeLZW
* CVE-2021-45910, Closes: #1002667:
heap-based buffer overflow within the main function
* CVE-2021-45911, Closes: #1002687:
heap based buffer overflow in processing of delays in the main function
Checksums-Sha1:
77391152adfba90edcfa8e747769bcf09a62b876 2009
gif2apng_1.9+srconly-2+deb10u1.dsc
f184e5ccbdbc49945f5af571fc2b3b00b74a316b 8916
gif2apng_1.9+srconly-2+deb10u1.debian.tar.xz
b100032d2b6efbc6fbde9adcc696b1e5bc9fa5f1 5441
gif2apng_1.9+srconly-2+deb10u1_source.buildinfo
Checksums-Sha256:
ba13882e087d8f431366087ad820d514f51c5124d45195bdc7e247c857232482 2009
gif2apng_1.9+srconly-2+deb10u1.dsc
88ef009c78679146033f91d3b6c1c3bf0d46b0674b97b076abe6ccf2f4f1 8916
gif2apng_1.9+srconly-2+deb10u1.debian.tar.xz
8afc7fb97cab9db5e611ecbff73f5ae57a9000cfbe7f69d73b4d5f39d6c5a86f 5441
gif2apng_1.9+srconly-2+deb10u1_source.buildinfo
Files:
39effd0d93ec256fc220da6a17a78892 2009 graphics optional
gif2apng_1.9+srconly-2+deb10u1.dsc
d281aa7b5ed1745ad760c17582cc8c07 8916 graphics optional
gif2apng_1.9+srconly-2+deb10u1.debian.tar.xz
7442a9a2d9a4874284a6d246af137e9f 5441 graphics optional
Bug#1002667: marked as done (gif2apng: CVE-2021-45910: Heap based buffer overflow in the main function)
Your message dated Mon, 07 Feb 2022 21:43:10 +
with message-id
and subject line Bug#1004933: Removed package(s) from unstable
has caused the Debian Bug report #1002667,
regarding gif2apng: CVE-2021-45910: Heap based buffer overflow in the main
function
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1002667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002667
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gif2apng
Version: 1.9+srconly-3
Severity: important
Tags: security
Dear Maintainer,
I found a heap overflow in the main function of the gif2apng application. The
issue exists within the for loops in the following code from the main function
in gif2apng.cpp:
if (coltype == 2)
{
for (j=0; jh2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + ((k+y0)*w + x0)*3;
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + (k+y0)*w + x0;
if (shuffle)
{
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + ((k+y0)*w + x0)*3;
if ( ( (j*w0 + w0) > buffer_size) || ( k+y0)*w + x0)*3) + w0
* 3 ) > imagesize) || k+y0)*w + x0)*3) < 0 ) || ( (j*w0) < 0)) {
printf("Something is wrong with the size values\n");
exit(0);
}
for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ?
(j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8;
src = buffer + j*w0;
dst = frame0 + (k+y0)*w + x0;
if ( ( (j*w0 + w0) > buffer_size) || ( (((k+y0)*w + x0) + w0 ) >
imagesize) || k+y0)*w + x0)) < 0 ) || ( (j*w0) < 0)) {
printf("Something is wrong with the size values\n");
exit(0);
}
if (shuffle)
{
for (i=0; i
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 1.9+srconly-3+rm
Dear submitter,
as the package gif2apng has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/1004933
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
Please note that the changes have been done on the master archive and
will not propagate to any mirrors until the next dinstall run at the
earliest.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.
Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---
