giflib: Add Gentoo patch to fix various CVEs

Fixes: CVE-2022-28506 CVE-2023-48161 CVE-2024-45993 CVE-2025-31344 Remove myself as maintainer Signed-off-by: Ted Hess <thess@kitschensync.net>
2025-12-10 12:41:22 +00:00 · 2025-09-27 17:14:55 -04:00
parent 29e614fa86
commit 6a8152811e
2 changed files with 14 additions and 2 deletions
--- a/libs/giflib/Makefile
+++ b/libs/giflib/Makefile
@@ -9,13 +9,12 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=giflib
 PKG_VERSION:=5.2.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@SF/giflib
 PKG_HASH:=be7ffbd057cadebe2aa144542fd90c6838c6a083b5e8a9048b8ee3b66b29d5fb

-PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=COPYING
 PKG_CPE_ID:=cpe:/a:giflib_project:giflib
--- a/libs/giflib/patches/200-verify-color-in-range.patch
+++ b/libs/giflib/patches/200-verify-color-in-range.patch
@@ -0,0 +1,13 @@
+--- a/gif2rgb.c
+++ b/gif2rgb.c
+@@ -329,6 +329,10 @@ static void DumpScreen2RGB(char *FileNam
+ 			GifRow = ScreenBuffer[i];
+ 			GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
+ 			for (j = 0; j < ScreenWidth; j++) {
+				/* Check if color is within color palete */
+				if (GifRow[j] >= ColorMap->ColorCount) {
+					GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
+				}
+ 				ColorMapEntry = &ColorMap->Colors[GifRow[j]];
+ 				Buffers[0][j] = ColorMapEntry->Red;
+ 				Buffers[1][j] = ColorMapEntry->Green;