head	1.2;
access;
symbols
	pkgsrc-2025Q4:1.1.0.6
	pkgsrc-2025Q4-base:1.1
	pkgsrc-2025Q3:1.1.0.4
	pkgsrc-2025Q3-base:1.1
	pkgsrc-2025Q2:1.1.0.2
	pkgsrc-2025Q2-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2026.03.10.20.40.57;	author wiz;	state dead;
branches;
next	1.1;
commitid	P9yH2T43POTpctxG;

1.1
date	2025.05.04.11.19.20;	author nia;	state Exp;
branches;
next	;
commitid	6TgjucbydiQv4ATF;


desc
@@


1.2
log
@giflib*: update to 6.1.2

Version 6.1.2
=============

Code Fixes
----------

* Fix for low-severity CVE-2026-23868 affecting gifsponge, giftool, and gifbuild,
  but not the core library - library clients need not be alarmed.

Version 6.1.1
=============

This release bumps the major version, but only one entry point -
EGifSpew() - has changed signature and behavior (in order to be able
to pass out a detailed error code). The internal error codes in the
E_GIF_ERR series have changed value so none of them collides with
GIF_ERROR.

This code has been systematically audited and hardened with
ChatGPT-5.2. The only library fixes reported by users or found by
robot were for some memory leaks that could only be triggered by
severely malformed GIFs. Other bugs are edge-case failures in the CLI
tools.

The gif2rgb CLI tool has been moved to the "obsolete" bin, because its
only deployment case in 2026 is as a piñata at fuzzer parties.

Warning: the CLI tools in the obsolete category will soon be removed
from the distribution entirely. The maintainer is tired of fielding
junk bugs filed against them by would-be coup-counters who found yet
another edge case, and the rest of the world doesn't need noisy CVEs
that aren't actually DoS or security issues for giflib clients.

Code Fixes
----------

* Fix for CVE-2021-40633.
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #171 ImageMagick required to build giflib on non-Darwin Platforms
* Fix SF bug #172 Incorrect object files in shared libutil on darwin
* Fix SF bug #173 installation of manual pages and html documentation
* Fix SF bug #175 Memory leaks in gifecho.c's main() and in gifalloc.c's GifMakeMapObject
* Fix SF bug #177 wrong pointer used in giftool getbool
* Fix SF bug #179 Path Traversal vulnerability
* Fix SF bug #180: -Wformat-truncation likely pointing out an actual bug
* Fix SF bug #182 out‐of‐bounds writes in Icon2Gif
* Fix SF bug #184 uninitialized buffer in DumpScreen2RGB
* Fix SF bug #185 integer overflow in gifbg.c
* Fix SF bug #186 integer overflow in Icon2Gif
* Fix SF bug #187: CVE-2025-31344
* Fix SF bug #170 Tests failing on Ubuntu Noble, giftext buffer overflow
* Fix SF bug #165 EGifSpew leaks GifFileOut->SColorMap
* Fix SF bug #162 detected memory leaks in GifMakeSavedImage giflib/gifalloc.c
* Fix SF bug #161 detected memory leaks in EGifOpenFileHandle giflib/egif_lib.c
* Fix SF bug #142 ABI break public symbol GifQuantizeBuffer

Other bugs that duplicate these have been addressed by these fixes

* SF bug #156 EGifSpew leaks SavedImages (and more); won't fix, caller might
  want to write a GIF, modify the in-memory data, then write again.

Tests
-----

Test suite now emits TAP (Test Anything Protocol).
@ text @$NetBSD: patch-CVE-2025-31344,v 1.1 2025/05/04 11:19:20 nia Exp $ Fix CVE-2025-31344 https://github.com/OpenMandrivaAssociation/giflib/blob/master/giflib-5.2.2-cve-2025-31344.patch https://security-tracker.debian.org/tracker/CVE-2025-31344 --- gif2rgb.c.orig 2024-02-19 03:01:28.000000000 +0000 +++ gif2rgb.c @@@@ -329,6 +329,11 @@@@ static void DumpScreen2RGB(char *FileNam GifRow = ScreenBuffer[i]; GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); for (j = 0; j < ScreenWidth; j++) { + /* Check if color is within color palete */ + if (GifRow[j] >= ColorMap->ColorCount) { + GIF_EXIT(GifErrorString( + D_GIF_ERR_IMAGE_DEFECT)); + } ColorMapEntry = &ColorMap->Colors[GifRow[j]]; Buffers[0][j] = ColorMapEntry->Red; Buffers[1][j] = ColorMapEntry->Green; @ 1.1 log @giflib: Apply patch for CVE-2025-31344 @ text @d1 1 a1 1 $NetBSD$ @
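Review bot: The bounds check `if (GifRow[j] >= ColorMap->ColorCount)` is added only in the loop that fills `Buffers[0][j]` and `Buffers[1][j]`, and this is the patch's single hunk, so any other loop in DumpScreen2RGB that indexes `ColorMap->Colors[GifRow[j]]` would remain unchecked; please confirm there is none, or apply the same test there (a small shared helper would keep the two in step). The new condition also dereferences `ColorMap` with no NULL test in the visible lines, so it is worth confirming that the caller always supplies a color map before this loop runs. Minor: the added comment spells "palette" as "palete".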