Control: forcemerge 1102520 1103499
Hi,
On Fri, Apr 18, 2025 at 03:13:41PM +0800, liubo wrote:
Source: giflib
Version: 5.2.2-1
Severity: normal
Tags: security patch
Dear Maintainer,
I'm submitting a patch for heap-buffer-overflow in the giflib package.
Vulnerability details:
- Description: In CVE-2022-28506 has fixed the DumpScreen2RGB if(OneFileFlag=true) case, but has not fixed the else case.
You can view the details on this issue:https://gitee.com/src-openeuler/giflib/issues/IBCFC4.
- Affected versions: All versions
- Fixed patch in:https://gitee.com/src-openeuler/giflib/commit/2c10c1abf8ff2e88b1da04e050bb721487b73fa3
The patch has been tested on Debian sid and works correctly.
If you think it necessary, please help me upload it to upstream
This is already reported as #1102520.
Regards,
Salvatore
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)