Compare commits

...
Sign in to create a new pull request.

1 commit

Author SHA1 Message Date
Sandro Mani
2cbde71852 Backport fix for CVE-2022-28506 2022-07-21 10:05:03 +02:00
2 changed files with 22 additions and 1 deletions

15
CVE-2022-28506.patch Normal file
View file

@ -0,0 +1,15 @@
diff -rupN giflib-5.2.1/gif2rgb.c giflib-5.2.1-new/gif2rgb.c
--- giflib-5.2.1/gif2rgb.c 2019-06-24 09:24:27.000000000 +0200
+++ giflib-5.2.1-new/gif2rgb.c 2022-07-21 09:58:28.256036156 +0200
@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam
GifRow = ScreenBuffer[i];
GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
+ /* Check if color is within color palete */
+ if (GifRow[j] >= ColorMap->ColorCount)
+ {
+ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
+ }
ColorMapEntry = &ColorMap->Colors[GifRow[j]];
*BufferP++ = ColorMapEntry->Red;
*BufferP++ = ColorMapEntry->Green;

View file

@ -1,7 +1,7 @@
Name: giflib
Summary: A library and utilities for processing GIFs
Version: 5.2.1
Release: 8%{?dist}
Release: 9%{?dist}
License: MIT
URL: http://www.sourceforge.net/projects/%{name}/
@ -12,6 +12,9 @@ Patch0: giflib_quantize.patch
Patch1: giflib_coverity.patch
# Generate HTML docs with consistent section IDs to avoid multilib difference
Patch2: giflib_html-docs-consistent-ids.patch
# Backport fix for CVE-2022-28506
# See https://sourceforge.net/u/mmuzila/giflib/ci/5b74cdd9c1285514eaa4675347ba3eea81d32c65/
Patch3: CVE-2022-28506.patch
BuildRequires: gcc
BuildRequires: make
@ -74,6 +77,9 @@ rm -f %{buildroot}%{_libdir}/libgif.a
%changelog
* Thu Jul 21 2022 Sandro Mani <manisandro@gmail.com> - 5.2.1-9
- Backport fix for CVE-2022-28506
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild