| Summary: | media-libs/giflib buffer overflow | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sebastian Pipping <sping> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | IN_PROGRESS --- | ||
| Severity: | normal | CC: | codec, sping |
| Priority: | Normal | Keywords: | PATCH |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://seclists.org/oss-sec/2025/q2/21 | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=933163 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 918539 | ||
|
Description
Sebastian Pipping
2025-04-07 15:21:15 UTC
Bernhard Rosenkraenzer (https://github.com/berolinux) has shared a candidate patch (https://github.com/OpenMandrivaAssociation/giflib/blob/master/giflib-5.2.2-cve-2025-31344.patch) a moment ago and (while I do not have a reproducer GIF file to test it with) and the patch looks good to me: my vote for application in Gentoo. |