From https://bugzilla.redhat.com/show_bug.cgi?id=1323060: A vulnerability was found in a way imlib2 processes GIF files. A specially crafted file could cause the imlib2 to crash, or even expose some of the host memory. Original bug report (reproducer attached): https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369 From https://bugzilla.redhat.com/show_bug.cgi?id=1323080: A vulnerability was found in imlib2. Attempting to draw a 2x1 radi ellipse with imlib_image_draw_ellipse() will result in a floating point exception. Original bug report (reproducer attached): https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
afaict, they never actually notified upstream for either issue. i can push the gif fix, but have to talk to some of the e admins upstream.
i've pushed the gif oob read upstream: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=16de244bd03d2f75da6508feb1ad9cb4e668e9dc let's make this bug only about the gif oob issue. the ellipse div-by-zero looks like much less of an issue, and it'll be a bit longer yet before it's resolved. should be fine to stabilize 1.4.8-r1: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=754b25e1b738fcff29b16148ef70408f28448532
This issue was resolved and addressed in GLSA 201611-12 at https://security.gentoo.org/glsa/201611-12 by GLSA coordinator Aaron Bauman (b-man).
