"load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service."
No fix upstream yet.
"Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6."
The linked upstream seems to be dead, and there's a fork with fixes to both issues:
Please bump and use the new upstream.
*** Bug 783516 has been marked as a duplicate of this bug. ***
Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS).
The bug has been referenced in the following commit(s):
Author: Akinori Hattori <firstname.lastname@example.org>
AuthorDate: 2021-10-01 13:51:31 +0000
Commit: Akinori Hattori <email@example.com>
CommitDate: 2021-10-01 13:51:31 +0000
media-libs/libsixel: new upstream release
Package-Manager: Portage-3.0.20, Repoman-3.0.3
Signed-off-by: Akinori Hattori <firstname.lastname@example.org>
media-libs/libsixel/Manifest | 1 +
media-libs/libsixel/files/libsixel-meson.patch | 65 ++++++++++++++++++++
media-libs/libsixel/libsixel-1.10.3.ebuild | 85 ++++++++++++++++++++++++++
media-libs/libsixel/metadata.xml | 1 +
4 files changed, 152 insertions(+)
Looks like the last CVE hasn't been fixed in libsixel/libsixel, reported at: