packages/giflib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:a2aa52215ce0d617b3e41ea856b81e48c7399c8f
Branches Tags
packages:main
...
compare: packages:52bf66461ffce5baaec911299d91503bac6a4f88
Branches Tags
packages:main

10 Commits
a2aa52215c ... 52bf66461f

Author SHA1 Message Date
openeuler-ci-bot
52bf66461f
!49 [sync] PR-47: Update to 5.2.2 for fix CVE-2020-23922 and CVE-2023-48161 
From: @openeuler-sync-bot 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001
 2024-06-24 11:02:07 +00:00
starlet-dx
c1f6165648 Update to 5.2.2 for fix CVE-2020-23922 and CVE-2023-48161 
(cherry picked from commit 6dade95e2078d5374b10eca28244e9905076bc46)
 2024-06-24 14:38:52 +08:00
openeuler-ci-bot
6aca52f348
!45 [sync] PR-39: Fix CVE-2021-40633 
From: @openeuler-sync-bot 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001
 2024-05-22 02:40:33 +00:00
liwenjie
16e7762701 Fix CVE-2021-40633 
(cherry picked from commit b3034393b8b867639a31145e5bd6aac748b1fd87)
 2024-05-15 23:34:40 +08:00
openeuler-ci-bot
0c596d513e
!30 [sync] PR-26: Fix CVE-2023-39742 
From: @openeuler-sync-bot 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001
 2023-09-16 02:56:44 +00:00
Funda Wang
066fb268d0 Fix CVE-2023-39742 
(cherry picked from commit 08694f066548bb6e406cdafe9828fc27a988e6d4)
 2023-09-16 09:33:10 +08:00
openeuler-ci-bot
424b73d0fc
!25 [sync] PR-23: 同步22.09 release到22.03-LTS 
From: @openeuler-sync-bot 
Reviewed-by: @small_leek 
Signed-off-by: @small_leek
 2022-12-05 01:13:48 +00:00
wk333
9b6d2443f9 Sync 22.09 release to 22.03 
(cherry picked from commit 1523a8d08213d6a2a07242c7b25e0ac86c8f598a)
 2022-12-05 09:05:25 +08:00
openeuler-ci-bot
38ff146365 !12 Add a package named utils 
From: @liuyumeng1
Reviewed-by: @yanan-rock
Signed-off-by: @yanan-rock
 2021-07-30 12:33:16 +00:00
renmingshuai
afe6e7ae61 Add a package named utils 2021-05-20 16:19:42 +08:00
7 changed files with 96 additions and 50 deletions
Show Stats Expand all files Collapse all files

13
CVE-2021-40633.patch Normal file
View File

@ -0,0 +1,13 @@
diff -urN giflib-5.2.2/gif2rgb.c giflib-5.2.2-bak/gif2rgb.c
--- giflib-5.2.2/gif2rgb.c 2024-05-14 16:06:40.098092160 +0800
+++ giflib-5.2.2-bak/gif2rgb.c 2024-05-14 15:53:42.426757251 +0800
@@ -525,6 +525,9 @@
DumpScreen2RGB(OutFileName, OneFileFlag, ColorMap, ScreenBuffer,
GifFile->SWidth, GifFile->SHeight);
+ for (i = 0; i < GifFile->SHeight; i++) {
+ (void)free(ScreenBuffer[i]);
+ }
(void)free(ScreenBuffer);
{

BIN
giflib-5.2.1.tar.gz
View File

Binary file not shown.

BIN
giflib-5.2.2.tar.gz Normal file
View File

Binary file not shown.

47
giflib.spec
View File

@ -1,8 +1,8 @@
%define debug_package %{nil} %define debug_package %{nil}
Name: giflib Name: giflib
Version: 5.2.1 Version: 5.2.2
Release: 2 Release: 1
Summary: A library and utilities for processing GIFs Summary: A library and utilities for processing GIFs
License: MIT License: MIT
URL: http://www.sourceforge.net/projects/giflib/ URL: http://www.sourceforge.net/projects/giflib/
@ -14,8 +14,10 @@ Patch0:giflib_quantize.patch
Patch1:giflib_coverity.patch Patch1:giflib_coverity.patch
# Generate HTML docs with consistent section IDs to avoid multilib difference # Generate HTML docs with consistent section IDs to avoid multilib difference
Patch2:giflib_html-docs-consistent-ids.patch Patch2:giflib_html-docs-consistent-ids.patch
Patch3:CVE-2021-40633.patch
BuildRequires: make xmlto gcc BuildRequires: make xmlto gcc
BuildRequires: ImageMagick
provides: giflib-utils provides: giflib-utils
%description %description
@ -28,13 +30,21 @@ Requires: %{name} = %{version}-%{release}
%description devel %description devel
development header files, libraries for programs using the giflib library. development header files, libraries for programs using the giflib library.
%package utils
Summary: Programs for manipulating GIF format image files
Requires: %{name}%{?_isa} = %{version}-%{release}
%description utils
The giflib-utils package contains various programs for manipulationg GIF
format imange files.
%package_help %package_help
%prep %prep
%autosetup -n %{name}-%{version} -p1 %autosetup -n %{name}-%{version} -p1
%build %build
%make_build %make_build CFLAGS="$RPM_OPT_FLAGS -s -fPIC"
%install %install
%make_install PREFIX="%{_prefix}" LIBDIR="%{_libdir}" %make_install PREFIX="%{_prefix}" LIBDIR="%{_libdir}"
@ -50,7 +60,6 @@ rm -f %{buildroot}/debugsourcefiles.list
%license COPYING %license COPYING
%{_libdir}/libgif.so.7* %{_libdir}/libgif.so.7*
%exclude %{_libdir}/*.a %exclude %{_libdir}/*.a
%{_bindir}/gif*
%files devel %files devel
%defattr(-,root,root) %defattr(-,root,root)
@ -60,9 +69,37 @@ rm -f %{buildroot}/debugsourcefiles.list
%files help %files help
%defattr(-,root,root) %defattr(-,root,root)
%{_mandir}/man1/gif*.1* %{_mandir}/man1/gif*.*
%files utils
%{_bindir}/gif*
%changelog %changelog
* Fri Jun 21 2024 yaoxin <yao_xin001@hoperun.com> - 5.2.2-1
- Update to 5.2.2
* Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880)
* Address SF issue #151: A heap-buffer-overflow in gif2rgb.c:294:45
* Address SF issue #166: a read zero page leads segment fault in
getarg.c and memory leaks in gif2rgb.c and gifmalloc.c
* Tue May 14 2024 liwenjie <liwenjie@kylinos.cn> - 5.2.1-8
- Fix CVE-2021-40633
* Fri Sep 15 2023 Funda Wang <fundawang@yeah.net> - 5.2.1-7
- Fix CVE-2023-39742
* Thu Aug 25 2022 caodongxia <caodongxia@h-partners.com> -5.2.1-6
- Fix rpmbuild error
* Wed Jun 15 2022 duyiwei <duyiwei@kylinos.cn> - 5.2.1-5
- fix CVE-2022-28506
* Sat Sep 4 2021 zhanzhimin <zhanzhimin@huawei.com> - 5.2.1-4
- strip binary files
* Thu May 20 2021 liuyumeng <liuyumeng5@huawei.com> - 5.2.1-3
- Add a package named utils
* Wed Jul 29 2020 hanhui <hanhui15@huawei.com> - 5.2.1-2 * Wed Jul 29 2020 hanhui <hanhui15@huawei.com> - 5.2.1-2
- add bugfix - add bugfix

72
giflib_coverity.patch
View File

@ -1,43 +1,39 @@
diff -rupN --no-dereference giflib-5.2.1/gif2rgb.c giflib-5.2.1-new/gif2rgb.c diff -rupN --no-dereference giflib-5.2.2/gif2rgb.c giflib-5.2.2-new/gif2rgb.c
--- giflib-5.2.1/gif2rgb.c 2019-06-24 09:24:27.000000000 +0200 --- giflib-5.2.2/gif2rgb.c 2024-02-19 04:01:28.000000000 +0100
+++ giflib-5.2.1-new/gif2rgb.c 2020-02-17 16:51:04.468397502 +0100 +++ giflib-5.2.2-new/gif2rgb.c 2024-02-19 09:39:38.750976758 +0100
@@ -170,6 +170,8 @@ static void SaveGif(GifByteType *OutputB @@ -165,6 +165,8 @@ static void SaveGif(GifByteType *OutputB
/* Open stdout for the output file: */ /* Open stdout for the output file: */
if ((GifFile = EGifOpenFileHandle(1, &Error)) == NULL) { if ((GifFile = EGifOpenFileHandle(1, &Error)) == NULL) {
PrintGifError(Error); PrintGifError(Error);
+ free(OutputBuffer); + free(OutputBuffer);
+ GifFreeMapObject(OutputColorMap); + GifFreeMapObject(OutputColorMap);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@@ -179,6 +181,8 @@ static void SaveGif(GifByteType *OutputB @@ -173,6 +175,8 @@ static void SaveGif(GifByteType *OutputB
EGifPutImageDesc(GifFile, EGifPutImageDesc(GifFile, 0, 0, Width, Height, false, NULL) ==
0, 0, Width, Height, false, NULL) == GIF_ERROR) { GIF_ERROR) {
PrintGifError(Error); PrintGifError(Error);
+ free(OutputBuffer); + free(OutputBuffer);
+ GifFreeMapObject(OutputColorMap); + GifFreeMapObject(OutputColorMap);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@@ -187,8 +191,11 @@ static void SaveGif(GifByteType *OutputB @@ -182,6 +186,8 @@ static void SaveGif(GifByteType *OutputB
GifFile->Image.Width, GifFile->Image.Height);
for (i = 0; i < Height; i++) { for (i = 0; i < Height; i++) {
- if (EGifPutLine(GifFile, Ptr, Width) == GIF_ERROR) if (EGifPutLine(GifFile, Ptr, Width) == GIF_ERROR) {
+ if (EGifPutLine(GifFile, Ptr, Width) == GIF_ERROR) { + free(OutputBuffer);
+ free(OutputBuffer); + GifFreeMapObject(OutputColorMap);
+ GifFreeMapObject(OutputColorMap); exit(EXIT_FAILURE);
exit(EXIT_FAILURE); }
+ } GifQprintf("\b\b\b\b%-4d", Height - i - 1);
GifQprintf("\b\b\b\b%-4d", Height - i - 1); @@ -191,6 +197,8 @@ static void SaveGif(GifByteType *OutputB
Ptr += Width; if (EGifCloseFile(GifFile, &Error) == GIF_ERROR) {
@@ -196,6 +203,8 @@ static void SaveGif(GifByteType *OutputB PrintGifError(Error);
+ free(OutputBuffer);
if (EGifCloseFile(GifFile, &Error) == GIF_ERROR) { + GifFreeMapObject(OutputColorMap);
PrintGifError(Error); exit(EXIT_FAILURE);
+ free(OutputBuffer); }
+ GifFreeMapObject(OutputColorMap);
exit(EXIT_FAILURE);
}
} }

8
giflib_html-docs-consistent-ids.patch
View File

@ -1,8 +1,8 @@
diff -rupN --no-dereference giflib-5.2.1/doc/Makefile giflib-5.2.1-new/doc/Makefile diff -rupN --no-dereference giflib-5.2.2/doc/Makefile giflib-5.2.2-new/doc/Makefile
--- giflib-5.2.1/doc/Makefile 2019-03-28 18:05:25.000000000 +0100 --- giflib-5.2.2/doc/Makefile 2024-02-18 19:15:05.000000000 +0100
+++ giflib-5.2.1-new/doc/Makefile 2020-02-17 16:51:04.489397582 +0100 +++ giflib-5.2.2-new/doc/Makefile 2024-02-19 09:39:38.785968237 +0100
@@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
.SUFFIXES: .xml .html .txt .adoc .1 .SUFFIXES: .xml .html .txt .adoc .1 .7
.xml.html: .xml.html:
- xmlto xhtml-nochunks $< - xmlto xhtml-nochunks $<

6
giflib_quantize.patch
View File

@ -1,6 +1,6 @@
diff -rupN --no-dereference giflib-5.2.1/Makefile giflib-5.2.1-new/Makefile diff -rupN --no-dereference giflib-5.2.2/Makefile giflib-5.2.2-new/Makefile
--- giflib-5.2.1/Makefile 2019-06-24 18:08:57.000000000 +0200 --- giflib-5.2.2/Makefile 2024-02-19 02:01:50.000000000 +0100
+++ giflib-5.2.1-new/Makefile 2020-02-17 16:51:04.450397434 +0100 +++ giflib-5.2.2-new/Makefile 2024-02-19 09:39:38.715985279 +0100
@@ -29,11 +29,11 @@ LIBPOINT=0 @@ -29,11 +29,11 @@ LIBPOINT=0
LIBVER=$(LIBMAJOR).$(LIBMINOR).$(LIBPOINT) LIBVER=$(LIBMAJOR).$(LIBMINOR).$(LIBPOINT)