diff --git a/giflib-5.1.3.tar.bz2 b/giflib-5.1.3.tar.bz2 deleted file mode 100644 index 2d6eab4..0000000 --- a/giflib-5.1.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5096d27805283599b01074d487ad3f8e02bd26b84d759b9017be876ca3d5b81d -size 639420 diff --git a/giflib-5.1.4.tar.bz2 b/giflib-5.1.4.tar.bz2 new file mode 100644 index 0000000..9886133 --- /dev/null +++ b/giflib-5.1.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:df27ec3ff24671f80b29e6ab1c4971059c14ac3db95406884fc26574631ba8d5 +size 639703 diff --git a/giflib-CVE-2016-3977.patch b/giflib-CVE-2016-3977.patch new file mode 100644 index 0000000..c54d817 --- /dev/null +++ b/giflib-CVE-2016-3977.patch @@ -0,0 +1,15 @@ +--- giflib-5.1.4/util/gif2rgb.c 2016-03-17 17:24:17.000000000 +0100 ++++ giflib-5.1.4/util/gif2rgb.c 2016-04-12 10:37:35.672174495 +0200 +@@ -471,6 +471,12 @@ + exit(EXIT_FAILURE); + } + ++ /* check that the background color isn't garbage (SF bug #87) */ ++ if (GifFile->SBackGroundColor < 0 || GifFile->SBackGroundColor >= ColorMap->ColorCount) { ++ fprintf(stderr, "Background color out of range for colormap\n"); ++ exit(EXIT_FAILURE); ++ } ++ + DumpScreen2RGB(OutFileName, OneFileFlag, + ColorMap, + ScreenBuffer, diff --git a/giflib-sf-88.patch b/giflib-sf-88.patch deleted file mode 100644 index a88ea84..0000000 --- a/giflib-sf-88.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: giflib-5.1.3/util/gifbuild.c -=================================================================== ---- giflib-5.1.3.orig/util/gifbuild.c -+++ giflib-5.1.3/util/gifbuild.c -@@ -724,6 +724,7 @@ static void DumpExtensions(GifFileType * - printf("end\n\n"); - } - else if (ep->Function == APPLICATION_EXT_FUNC_CODE -+ && ep->ByteCount >= 11 - && memcmp(ep->Bytes, "NETSCAPE2.0", 11) == 0) { - unsigned char *params = (++ep)->Bytes; - unsigned int loopcount = params[1] | (params[2] << 8); diff --git a/giflib.changes b/giflib.changes index cc37029..09d413f 100644 --- a/giflib.changes +++ b/giflib.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Tue Apr 12 08:34:44 UTC 2016 - fstrba@suse.com + +- Update to version 5.1.3 + * Fix SF bug #94: giflib 5 loves to fail to load images... a LOT. + * Fix SF Bug #92: Fix buffer overread in gifbuild. + * Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path + * Fix SF Bug #89: Fix buffer overread in gifbuild. +- Removed patch: + * giflib-sf-88.patch + + Integrated upstream +- Added patch: + * giflib-CVE-2016-3977.pach + - Fix CVE-2016-3977: heap buffer overflow in gif2rgb + (bsc#974847) + ------------------------------------------------------------------- Wed Mar 23 08:23:32 UTC 2016 - idonmez@suse.com diff --git a/giflib.spec b/giflib.spec index 7786a5b..2649b6f 100644 --- a/giflib.spec +++ b/giflib.spec @@ -18,7 +18,7 @@ %define lname libgif7 Name: giflib -Version: 5.1.3 +Version: 5.1.4 Release: 0 Summary: A Library for Working with GIF Images License: MIT @@ -28,7 +28,6 @@ Source: http://downloads.sf.net/giflib/%{name}-%{version}.tar.bz2 Source2: baselibs.conf Patch1: giflib-visibility.patch Patch2: giflib-automake-1_13.patch -Patch3: giflib-sf-88.patch BuildRequires: libtool >= 2 BuildRequires: xorg-x11-libICE-devel BuildRequires: xorg-x11-libSM-devel @@ -72,7 +71,6 @@ have expired, giflib can again be used instead of libungif. %setup -q %patch1 -p1 %patch2 -p1 -%patch3 -p1 # USE __TIMESTAMP__ instead of __DATE__ , __TIME__ # this change is pointless unless we preserve the original