diff --git a/CVE-2022-28506.patch b/CVE-2022-28506.patch
new file mode 100644
index 0000000..c5f0b9a
--- /dev/null
+++ b/CVE-2022-28506.patch
@@ -0,0 +1,15 @@
+diff -rupN giflib-5.2.1/gif2rgb.c giflib-5.2.1-new/gif2rgb.c
+--- giflib-5.2.1/gif2rgb.c 2019-06-24 09:24:27.000000000 +0200
++++ giflib-5.2.1-new/gif2rgb.c 2022-07-21 09:58:28.256036156 +0200
+@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam
+ GifRow = ScreenBuffer[i];
+ GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+ for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
++ /* Check if color is within color palete */
++ if (GifRow[j] >= ColorMap->ColorCount)
++ {
++ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
++ }
+ ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+ *BufferP++ = ColorMapEntry->Red;
+ *BufferP++ = ColorMapEntry->Green;
diff --git a/giflib.spec b/giflib.spec
index 43974d3..885d278 100644
--- a/giflib.spec
+++ b/giflib.spec
@@ -1,7 +1,7 @@
 Name: giflib
 Summary: A library and utilities for processing GIFs
 Version: 5.2.1
-Release: 13%{?dist}
+Release: 14%{?dist}
 License: MIT
 URL: http://www.sourceforge.net/projects/%{name}/
@@ -14,6 +14,9 @@ Patch0: giflib_quantize.patch
 Patch1: giflib_coverity.patch
 # Generate HTML docs with consistent section IDs to avoid multilib difference
 Patch2: giflib_html-docs-consistent-ids.patch
+# Backport fix for CVE-2022-28506
+# See https://sourceforge.net/u/mmuzila/giflib/ci/5b74cdd9c1285514eaa4675347ba3eea81d32c65/
+Patch3: CVE-2022-28506.patch
 BuildRequires: cmake
 BuildRequires: gcc
@@ -145,6 +148,9 @@ rm -rf %{buildroot}%{mingw64_mandir}
 %changelog
+* Thu Jul 21 2022 Sandro Mani - 5.2.1-14
+- Backport fix for CVE-2022-28506
+
 * Thu Jul 21 2022 Fedora Release Engineering - 5.2.1-13
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
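Review bot: The added bound check covers only the loop visible in this hunk, the one that writes through `BufferP`. DumpScreen2RGB continues outside the hunk, so any other loop there that indexes `ColorMap->Colors[GifRow[j]]` would need the same `GifRow[j] >= ColorMap->ColorCount` test; otherwise the out-of-range palette read may remain reachable on that path. That should be confirmed against the full gif2rgb.c before the CVE is treated as closed. Minor: the comment would read better as `/* Check if color is within color palette */`, although keeping the backport byte-identical to the referenced commit is a fair reason to leave it.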
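Review bot: `Patch3` is declared in this hunk, but the `%prep` section is outside it, so nothing visible shows the patch actually being applied. If the spec uses numbered `%patch` lines rather than `%autosetup` or `%autopatch`, a `%patch3 -p1` line is needed or the package builds without the fix. The referenced commit also sits under a user path (`/u/mmuzila/`) rather than the project repository, so the comment could record provenance, for example `# Upstream status: <merged in VERSION | pending>`, once that is known.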