diff --git a/CVE-2021-40633.patch b/CVE-2021-40633.patch index 80f10f0a42f8672999b23613e8e86de1a3999f52..18331f540dfe8beb7b833c66380f7548156b3313 100644 --- a/CVE-2021-40633.patch +++ b/CVE-2021-40633.patch @@ -1,13 +1,13 @@ -diff -urN giflib-5.2.1/gif2rgb.c giflib-5.2.1-bak/gif2rgb.c ---- giflib-5.2.1/gif2rgb.c 2024-05-14 16:38:28.259385838 +0800 -+++ giflib-5.2.1-bak/gif2rgb.c 2024-05-14 16:40:04.629090800 +0800 -@@ -498,6 +498,9 @@ - ScreenBuffer, - GifFile->SWidth, GifFile->SHeight); +diff -urN giflib-5.2.2/gif2rgb.c giflib-5.2.2-bak/gif2rgb.c +--- giflib-5.2.2/gif2rgb.c 2024-05-14 16:06:40.098092160 +0800 ++++ giflib-5.2.2-bak/gif2rgb.c 2024-05-14 15:53:42.426757251 +0800 +@@ -525,6 +525,9 @@ + DumpScreen2RGB(OutFileName, OneFileFlag, ColorMap, ScreenBuffer, + GifFile->SWidth, GifFile->SHeight); -+ for (i = 0; i < GifFile->SHeight; i++) { -+ (void)free(ScreenBuffer[i]); -+ } - (void)free(ScreenBuffer); ++ for (i = 0; i < GifFile->SHeight; i++) { ++ (void)free(ScreenBuffer[i]); ++ } + (void)free(ScreenBuffer); - if (DGifCloseFile(GifFile, &Error) == GIF_ERROR) { + { diff --git a/CVE-2022-28506.patch b/CVE-2022-28506.patch deleted file mode 100644 index 19059693e2398bf6103677fdd79c5380538fdfb5..0000000000000000000000000000000000000000 --- a/CVE-2022-28506.patch +++ /dev/null 
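Review bot: The rebased hunk at `@@ -525,6 +525,9 @@` still adds the per-row `free(ScreenBuffer[i])` loop, while the new giflib.spec changelog entry says 5.2.2 already addresses memory leaks in gif2rgb.c. Check against the 5.2.2 source that the rows are not released anywhere else in the same function, because a second release would turn this leak fix into a double free. The loop walks `GifFile->SHeight` rows, so it also relies on every `ScreenBuffer[i]` having been allocated for that same height, which this hunk does not show. The patch file has no header; once the check is done, a line such as `# Still needed on 5.2.2: rows of ScreenBuffer are not freed upstream (CVE-2021-40633)` would record why it is kept. The enclosing function starts and ends outside the hunk.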
@@ -1,31 +0,0 @@ -From c80f2b9f12a9ed0df7a629c9da1c4a82e9e39923 Mon Sep 17 00:00:00 2001 -From: duyiwei -Date: Wed, 15 Jun 2022 14:46:24 +0800 -Subject: [PATCH] CVE-2022-28506 - -Signed-off-by: duyiwei ---- - gif2rgb.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/gif2rgb.c b/gif2rgb.c -index ccbc0aa..87c413e 100644 ---- a/gif2rgb.c -+++ b/gif2rgb.c -@@ -303,7 +303,12 @@ static void DumpScreen2RGB(char *FileName, int OneFileFlag, - GifRow = ScreenBuffer[i]; - GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); - for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) { -- ColorMapEntry = &ColorMap->Colors[GifRow[j]]; -+ /* Check if color is within color palete */ -+ if (GifRow[j] >= ColorMap->ColorCount) -+ { -+ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT)); -+ } -+ ColorMapEntry = &ColorMap->Colors[GifRow[j]]; - *BufferP++ = ColorMapEntry->Red; - *BufferP++ = ColorMapEntry->Green; - *BufferP++ = ColorMapEntry->Blue; --- -2.33.0 - diff --git a/CVE-2023-39742.patch b/CVE-2023-39742.patch deleted file mode 100644 index 15954505a0b737ffee0044e0b4ae3ade1430a741..0000000000000000000000000000000000000000 --- a/CVE-2023-39742.patch +++ /dev/null @@ -1,24 +0,0 @@ -Description: Fix segmentation faults due to non correct checking for args -Author: David Suárez -Origin: vendor -Bug: https://sourceforge.net/p/giflib/bugs/153/ -Bug-Debian: https://bugs.debian.org/715963 -Bug-Debian: https://bugs.debian.org/715964 -Bug-Debian: https://bugs.debian.org/715967 -Last-Update: 2020-12-20 - ---- a/getarg.c -+++ b/getarg.c -@@ -305,6 +305,12 @@ - int i = 0, ScanRes; - - while (!(ISSPACE(CtrlStrCopy[i]))) { -+ -+ if ((*argv) == argv_end) { -+ GAErrorToken = Option; -+ return CMD_ERR_NumRead; -+ } -+ - switch (CtrlStrCopy[i + 1]) { - case 'd': /* Get signed integers. */ - ScanRes = sscanf(*((*argv)++), "%d", 
diff --git a/giflib-5.2.1.tar.gz b/giflib-5.2.1.tar.gz deleted file mode 100644 index f5555f590d7247a1d0995d576fb28e21a833084b..0000000000000000000000000000000000000000 Binary files a/giflib-5.2.1.tar.gz and /dev/null differ diff --git a/giflib-5.2.2.tar.gz b/giflib-5.2.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..f603813b77c2c2974df0db7d34d2df1f7a0462ef Binary files /dev/null and b/giflib-5.2.2.tar.gz differ diff --git a/giflib.spec b/giflib.spec index be94232bef1b5d59e0b3fc63479a4dd88647b0e7..cd952682dc88f25ccf3468a8c697c5f966530f5a 100644 --- a/giflib.spec +++ b/giflib.spec @@ -1,8 +1,8 @@ %define debug_package %{nil} Name: giflib -Version: 5.2.1 -Release: 8 +Version: 5.2.2 +Release: 1 Summary: A library and utilities for processing GIFs License: MIT URL: http://www.sourceforge.net/projects/giflib/ @@ -14,11 +14,10 @@ Patch0:giflib_quantize.patch Patch1:giflib_coverity.patch # Generate HTML docs with consistent section IDs to avoid multilib difference Patch2:giflib_html-docs-consistent-ids.patch -Patch3:CVE-2022-28506.patch -Patch4:CVE-2023-39742.patch -Patch5:CVE-2021-40633.patch +Patch3:CVE-2021-40633.patch BuildRequires: make xmlto gcc +BuildRequires: ImageMagick provides: giflib-utils %description @@ -70,12 +69,19 @@ rm -f %{buildroot}/debugsourcefiles.list %files help %defattr(-,root,root) -%{_mandir}/man1/gif*.1* +%{_mandir}/man1/gif*.* %files utils %{_bindir}/gif* %changelog +* Fri Jun 21 2024 yaoxin - 5.2.2-1 +- Update to 5.2.2 + * Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880) + * Address SF issue #151: A heap-buffer-overflow in gif2rgb.c:294:45 + * Address SF issue #166: a read zero page leads segment fault in + getarg.c and memory leaks in gif2rgb.c and gifmalloc.c + * Tue May 14 2024 liwenjie - 5.2.1-8 - Fix CVE-2021-40633 diff --git a/giflib_coverity.patch b/giflib_coverity.patch index c51234fe5f861e6c9a50f341dc73777e542b837e..0e995ae1a09851e6ab30324c7c8b0ab6258bafbb 100644 
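Review bot: Patch4 (CVE-2023-39742.patch) is dropped in the `@@ -14,11 +14,10 @@` hunk, but the new %changelog entry names only CVE-2023-48161 and CVE-2022-28506. The getarg.c fix is presumably the one listed as SF issue #166; that should be confirmed against the 5.2.2 source and recorded, e.g. `  * Drop CVE-2023-39742.patch, fixed upstream (SF issue #166)`. Without such a line, anyone auditing the package by CVE id sees a fix disappear with no stated replacement. The `%files help` glob change from `gif*.1*` to `gif*.*` is broader than the man1 pages need and is not explained in the changelog. The new giflib-5.2.2.tar.gz appears here only as a binary blob, so its checksum has to be compared with the upstream release outside this diff.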
--- a/giflib_coverity.patch
+++ b/giflib_coverity.patch
@@ -1,43 +1,39 @@ -diff -rupN --no-dereference giflib-5.2.1/gif2rgb.c giflib-5.2.1-new/gif2rgb.c ---- giflib-5.2.1/gif2rgb.c 2019-06-24 09:24:27.000000000 +0200 -+++ giflib-5.2.1-new/gif2rgb.c 2020-02-17 16:51:04.468397502 +0100 -@@ -170,6 +170,8 @@ static void SaveGif(GifByteType *OutputB - /* Open stdout for the output file: */ - if ((GifFile = EGifOpenFileHandle(1, &Error)) == NULL) { - PrintGifError(Error); -+ free(OutputBuffer); -+ GifFreeMapObject(OutputColorMap); - exit(EXIT_FAILURE); - } +diff -rupN --no-dereference giflib-5.2.2/gif2rgb.c giflib-5.2.2-new/gif2rgb.c +--- giflib-5.2.2/gif2rgb.c 2024-02-19 04:01:28.000000000 +0100 ++++ giflib-5.2.2-new/gif2rgb.c 2024-02-19 09:39:38.750976758 +0100 +@@ -165,6 +165,8 @@ static void SaveGif(GifByteType *OutputB + /* Open stdout for the output file: */ + if ((GifFile = EGifOpenFileHandle(1, &Error)) == NULL) { + PrintGifError(Error); ++ free(OutputBuffer); ++ GifFreeMapObject(OutputColorMap); + exit(EXIT_FAILURE); + } -@@ -179,6 +181,8 @@ static void SaveGif(GifByteType *OutputB - EGifPutImageDesc(GifFile, - 0, 0, Width, Height, false, NULL) == GIF_ERROR) { - PrintGifError(Error); -+ free(OutputBuffer); -+ GifFreeMapObject(OutputColorMap); - exit(EXIT_FAILURE); - } +@@ -173,6 +175,8 @@ static void SaveGif(GifByteType *OutputB + EGifPutImageDesc(GifFile, 0, 0, Width, Height, false, NULL) == + GIF_ERROR) { + PrintGifError(Error); ++ free(OutputBuffer); ++ GifFreeMapObject(OutputColorMap); + exit(EXIT_FAILURE); + } -@@ -187,8 +191,11 @@ static void SaveGif(GifByteType *OutputB - GifFile->Image.Width, GifFile->Image.Height); +@@ -182,6 +186,8 @@ static void SaveGif(GifByteType *OutputB - for (i = 0; i < Height; i++) { -- if (EGifPutLine(GifFile, Ptr, Width) == GIF_ERROR) -+ if (EGifPutLine(GifFile, Ptr, Width) == GIF_ERROR) { -+ free(OutputBuffer); -+ GifFreeMapObject(OutputColorMap); - exit(EXIT_FAILURE); -+ } - GifQprintf("\b\b\b\b%-4d", Height - i - 1); + for (i = 0; i < Height; i++) { + if (EGifPutLine(GifFile, 
Ptr, Width) == GIF_ERROR) { ++ free(OutputBuffer); ++ GifFreeMapObject(OutputColorMap); + exit(EXIT_FAILURE); + } + GifQprintf("\b\b\b\b%-4d", Height - i - 1); +@@ -191,6 +197,8 @@ static void SaveGif(GifByteType *OutputB - Ptr += Width; -@@ -196,6 +203,8 @@ static void SaveGif(GifByteType *OutputB - - if (EGifCloseFile(GifFile, &Error) == GIF_ERROR) { - PrintGifError(Error); -+ free(OutputBuffer); -+ GifFreeMapObject(OutputColorMap); - exit(EXIT_FAILURE); - } + if (EGifCloseFile(GifFile, &Error) == GIF_ERROR) { + PrintGifError(Error); ++ free(OutputBuffer); ++ GifFreeMapObject(OutputColorMap); + exit(EXIT_FAILURE); + } } diff --git a/giflib_html-docs-consistent-ids.patch b/giflib_html-docs-consistent-ids.patch index d4006ea72799dc1a30255956e8b4d9a3dfc6de7a..fd2964249b46e21091577d8d46c53a155b86ec65 100644 --- a/giflib_html-docs-consistent-ids.patch +++ b/giflib_html-docs-consistent-ids.patch @@ -1,8 +1,8 @@ -diff -rupN --no-dereference giflib-5.2.1/doc/Makefile giflib-5.2.1-new/doc/Makefile ---- giflib-5.2.1/doc/Makefile 2019-03-28 18:05:25.000000000 +0100 -+++ giflib-5.2.1-new/doc/Makefile 2020-02-17 16:51:04.489397582 +0100 +diff -rupN --no-dereference giflib-5.2.2/doc/Makefile giflib-5.2.2-new/doc/Makefile +--- giflib-5.2.2/doc/Makefile 2024-02-18 19:15:05.000000000 +0100 ++++ giflib-5.2.2-new/doc/Makefile 2024-02-19 09:39:38.785968237 +0100 @@ -1,7 +1,7 @@ - .SUFFIXES: .xml .html .txt .adoc .1 + .SUFFIXES: .xml .html .txt .adoc .1 .7 .xml.html: - xmlto xhtml-nochunks $< diff --git a/giflib_quantize.patch b/giflib_quantize.patch index aa34629477705fd9df2f495514d91260fbf710c1..57c2b690160184ae5592cdf1a9d615eb2f04ff29 100644 --- a/giflib_quantize.patch +++ b/giflib_quantize.patch 
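Review bot: In the rebased `@@ -182,6 +186,8 @@` hunk the `EGifPutLine` failure branch frees the buffers and exits without calling `PrintGifError`, unlike the three other error branches of SaveGif shown here, so a failed write ends the tool with no diagnostic. If this downstream patch is being touched anyway, adding `PrintGifError(GifFile->Error);` before the two frees would make the branches consistent. The frees run immediately before `exit(EXIT_FAILURE)` and presumably matter only to the static analyzer; the patch file has no header saying so, and a line like `# Free buffers on error exits to silence Coverity leak reports` would help. SaveGif starts and ends outside these hunks.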
@@ -1,6 +1,6 @@ -diff -rupN --no-dereference giflib-5.2.1/Makefile giflib-5.2.1-new/Makefile ---- giflib-5.2.1/Makefile 2019-06-24 18:08:57.000000000 +0200 -+++ giflib-5.2.1-new/Makefile 2020-02-17 16:51:04.450397434 +0100 +diff -rupN --no-dereference giflib-5.2.2/Makefile giflib-5.2.2-new/Makefile +--- giflib-5.2.2/Makefile 2024-02-19 02:01:50.000000000 +0100 ++++ giflib-5.2.2-new/Makefile 2024-02-19 09:39:38.715985279 +0100 @@ -29,11 +29,11 @@ LIBPOINT=0 LIBVER=$(LIBMAJOR).$(LIBMINOR).$(LIBPOINT)