Source: giflib
Version: 5.2.2-1
Severity: normal
Tags: security patch
Dear Maintainer,
I'm submitting a patch for heap-buffer-overflow in the giflib package.
Vulnerability details:
- Description: CVE-2022-28506 fixed the DumpScreen2RGB if(OneFileFlag=true) case, but did not fix the else case.
You can view the details on this issue: https://gitee.com/src-openeuler/giflib/issues/IBCFC4.
- Affected versions: All versions
- Fixed patch in: https://gitee.com/src-openeuler/giflib/commit/2c10c1abf8ff2e88b1da04e050bb721487b73fa3
The patch has been tested on Debian sid and works correctly.
If you think it necessary, please help me upload it to upstream.