[SUSE-SU-2024:0786-1] Security update for giflib
Severity
Important
Affected Packages
38
CVEs
3
Security update for giflib
This update for giflib fixes the following issues:
Update to version 5.2.2
- Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880)
- #138 Documentation for obsolete utilities still installed
- #139: Typo in 'LZW image data' page ('110_2 = 4_10')
- #140: Typo in 'LZW image data' page ('LWZ')
- #141: Typo in 'Bits and bytes' page ('filed')
- Note as already fixed SF issue #143: cannot compile under mingw
- #144: giflib-5.2.1 cannot be build on windows and other platforms using c89
- #145: Remove manual pages installation for binaries that are not installed too
- #146: [PATCH] Limit installed man pages to binaries, move giflib to section 7
- #147 [PATCH] Fixes to doc/whatsinagif/ content
- #148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB
- Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1
- Declared Won't-fix on SF issue 149: Out of source builds no longer possible
- #151: A heap-buffer-overflow in gif2rgb.c:294:45
- #152: Fix some typos on the html documentation and man pages
- #153: Fix segmentation faults due to non correct checking for args
- #154: Recover the giffilter manual page
- #155: Add gifsponge docs
- #157: An OutofMemory-Exception or Memory Leak in gif2rgb
- #158: There is a null pointer problem in gif2rgb
- #159 A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45
- #163: detected memory leaks in openbsd_reallocarray giflib/openbsd-reallocarray.c
- #164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c
- #166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c
- #167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c
- ID
- SUSE-SU-2024:0786-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20240786-1/
- Published
-
2024-03-06T20:07:22
(6 months ago) - Modified
-
2024-03-06T20:07:22
(6 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
ALPINE:CVE-2021-40633
FEDORA-2022-91f353b8be
USN-6824-1| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2024:0786-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2024:0786-1 |
|
|
| Bugzilla | SUSE Bug 1198880 |
|
|
| Bugzilla | SUSE Bug 1200551 |
|
|
| Bugzilla | SUSE Bug 1217390 |
|
|
| CVE | SUSE CVE CVE-2021-40633 page |
|
|
| CVE | SUSE CVE CVE-2022-28506 page |
|
|
| CVE | SUSE CVE CVE-2023-48161 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/libgif7?arch=x86_64&distro=sles-15&sp=4 | suse |
 libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/libgif7?arch=x86_64&distro=sles-15&sp=3 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/libgif7?arch=x86_64&distro=sles-15&sp=2 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/libgif7?arch=x86_64&distro=opensuse-leap-15.5 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/libgif7?arch=s390x&distro=sles-15&sp=4 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/libgif7?arch=s390x&distro=sles-15&sp=3 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/libgif7?arch=s390x&distro=sles-15&sp=2 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/libgif7?arch=s390x&distro=opensuse-leap-15.5 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/libgif7?arch=ppc64le&distro=sles-15&sp=4 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/libgif7?arch=ppc64le&distro=sles-15&sp=3 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/libgif7?arch=ppc64le&distro=sles-15&sp=2 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/libgif7?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/libgif7?arch=aarch64&distro=sles-15&sp=4 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/libgif7?arch=aarch64&distro=sles-15&sp=3 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/libgif7?arch=aarch64&distro=sles-15&sp=2 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/libgif7?arch=aarch64&distro=opensuse-leap-15.5 | suse |
libgif7
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/libgif7-32bit?arch=x86_64&distro=opensuse-leap-15.5 | suse |
libgif7-32bit
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/giflib-progs?arch=x86_64&distro=opensuse-leap-15.5 | suse |
giflib-progs
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/giflib-progs?arch=s390x&distro=opensuse-leap-15.5 | suse |
giflib-progs
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/giflib-progs?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
giflib-progs
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/giflib-progs?arch=aarch64&distro=opensuse-leap-15.5 | suse |
giflib-progs
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=x86_64&distro=sles-15&sp=4 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=x86_64&distro=sles-15&sp=3 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=x86_64&distro=sles-15&sp=2 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=x86_64&distro=opensuse-leap-15.5 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=s390x&distro=sles-15&sp=4 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/giflib-devel?arch=s390x&distro=sles-15&sp=3 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/giflib-devel?arch=s390x&distro=sles-15&sp=2 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/giflib-devel?arch=s390x&distro=opensuse-leap-15.5 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/giflib-devel?arch=ppc64le&distro=sles-15&sp=4 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/giflib-devel?arch=ppc64le&distro=sles-15&sp=3 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/giflib-devel?arch=ppc64le&distro=sles-15&sp=2 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/giflib-devel?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/giflib-devel?arch=aarch64&distro=sles-15&sp=4 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=aarch64&distro=sles-15&sp=3 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=aarch64&distro=sles-15&sp=2 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/giflib-devel?arch=aarch64&distro=opensuse-leap-15.5 | suse |
giflib-devel
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/giflib-devel-32bit?arch=x86_64&distro=opensuse-leap-15.5 | suse |
giflib-devel-32bit
|
< 5.2.2-150000.4.13.1 | opensuse-leap-15.5 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |