Apply fix for CVE-2025-9300

libsixel-fix-cve-2025-9300.patch

@@ -0,0 +1,30 @@
+From a384e96ac83a141c3e752026123325436eb5b8e8 Mon Sep 17 00:00:00 2001
+From: ErrorNoInternet <errornointernet@envs.net>
+Date: Tue, 26 Aug 2025 23:24:14 +0800
+Subject: [PATCH] Fix CVE-2025-9300
+
+Modified version of
+https://github.com/saitoha/libsixel/commit/316c086e79d66b62c0c4bc66229ee894e4fdb7d1.
+---
+ src/encoder.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/encoder.c b/src/encoder.c
+index 4a6a038..45061a1 100644
+--- a/src/encoder.c
++++ b/src/encoder.c
+@@ -700,9 +700,9 @@ sixel_debug_print_palette(
+     fprintf(stderr, "palette:\n");
+     for (i = 0; i < sixel_dither_get_num_of_palette_colors(dither); ++i) {
+         fprintf(stderr, "%d: #%02x%02x%02x\n", i,
++                palette[i * 3 + 0],
+                 palette[i * 3 + 1],
+-                palette[i * 3 + 2],
+-                palette[i * 3 + 3]);
++                palette[i * 3 + 2]);
+     }
+ }
+ 
+-- 
+2.49.0
+

libsixel.spec

@@ -11,6 +11,9 @@ Source:         %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
 # Taken from https://github.com/libsixel/libsixel/pull/89
 Patch:          libsixel-fix-bash-completions.patch
 
+# https://github.com/saitoha/libsixel/issues/200
+Patch:          libsixel-fix-cve-2025-9300.patch
+
 BuildRequires:  gcc
 BuildRequires:  meson
 BuildRequires:  pkgconfig(gdlib)