From a5e59da87fb2001b68415386f82f88ac0d47b2af Mon Sep 17 00:00:00 2001 From: Funda Wang Date: Fri, 15 Sep 2023 23:49:46 +0800 Subject: [PATCH] Fix CVE-2023-39742 --- CVE-2023-39742.patch | 24 ++++++++++++++++++++++++ giflib.spec | 6 +++++- 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 CVE-2023-39742.patch diff --git a/CVE-2023-39742.patch b/CVE-2023-39742.patch new file mode 100644 index 0000000..1595450 --- /dev/null +++ b/CVE-2023-39742.patch @@ -0,0 +1,24 @@ +Description: Fix segmentation faults due to non correct checking for args +Author: David Suárez +Origin: vendor +Bug: https://sourceforge.net/p/giflib/bugs/153/ +Bug-Debian: https://bugs.debian.org/715963 +Bug-Debian: https://bugs.debian.org/715964 +Bug-Debian: https://bugs.debian.org/715967 +Last-Update: 2020-12-20 + +--- a/getarg.c ++++ b/getarg.c +@@ -305,6 +305,12 @@ + int i = 0, ScanRes; + + while (!(ISSPACE(CtrlStrCopy[i]))) { ++ ++ if ((*argv) == argv_end) { ++ GAErrorToken = Option; ++ return CMD_ERR_NumRead; ++ } ++ + switch (CtrlStrCopy[i + 1]) { + case 'd': /* Get signed integers. */ + ScanRes = sscanf(*((*argv)++), "%d", diff --git a/giflib.spec b/giflib.spec index 22fd05b..7d3eaec 100644 --- a/giflib.spec +++ b/giflib.spec @@ -1,6 +1,6 @@ Name: giflib Version: 5.2.1 -Release: 3 +Release: 4 Summary: A library and utilities for processing GIFs License: MIT URL: http://www.sourceforge.net/projects/giflib/ @@ -10,6 +10,7 @@ Patch6001: giflib_quantize.patch Patch6002: giflib_coverity.patch Patch6003: giflib_html-docs-consistent-ids.patch Patch6004: CVE-2022-28506.patch +Patch6005: CVE-2023-39742.patch BuildRequires: make xmlto gcc provides: giflib-utils = %{name}-%{version} @@ -67,6 +68,9 @@ rm -f %{buildroot}%{_libdir}/libgif.a %{_bindir}/gif* %changelog +* Fri Sep 15 2023 Funda Wang - 5.2.1-4 +- Fix CVE-2023-39742 + * Thu Jun 16 2022 duyiwei - 5.2.1-3 - fix CVE-2022-28506 -- Gitee