Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libgif7-5.2.2-1.2 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: libgif7 Distribution: openSUSE Tumbleweed
Version: 5.2.2 Vendor: openSUSE
Release: 1.2 Build date: Mon Feb 26 12:29:46 2024
Group: Unspecified Build host: reproducible
Size: 39975 Source RPM: giflib-5.2.2-1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://giflib.sourceforge.net/
Summary: A Library for Working with GIF Images
This Library allows manipulating GIF Image files. Since the LZW patents
have expired, giflib can again be used instead of libungif.

Provides

Requires

License

MIT

Changelog

* Mon Feb 26 2024 Fridrich Strba <fstrba@suse.com>
  - Update to version 5.2.2
    * Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506
      (bsc#1198880)
    * Address SF issue #138 Documentation for obsolete utilities still
      installed
    * Address SF issue #139: Typo in "LZW image data" page
      ("110_2 = 4_10")
    * Address SF issue #140: Typo in "LZW image data" page ("LWZ")
    * Address SF issue #141: Typo in "Bits and bytes" page ("filed")
    * Note as already fixed SF issue #143: cannot compile under mingw
    * Address SF issue #144: giflib-5.2.1 cannot be build on windows
      and other platforms using c89
    * Address SF issue #145: Remove manual pages installation for
      binaries that are not installed too
    * Address SF issue #146: [PATCH] Limit installed man pages to
      binaries, move giflib to section 7
    * Address SF issue #147 [PATCH] Fixes to doc/whatsinagif/ content
    * Address SF issue #148: heap Out of Bound Read in gif2rgb.c:298
      DumpScreen2RGB
    * Declared no-info on SF issue #150: There is a denial of service
      vulnerability in GIFLIB 5.2.1
    * Declared Won't-fix on SF issue 149: Out of source builds no
      longer possible
    * Address SF issue #151: A heap-buffer-overflow in gif2rgb.c:294:45
    * Address SF issue #152: Fix some typos on the html documentation
      and man pages
    * Address SF issue #153: Fix segmentation faults due to non
      correct checking for args
    * Address SF issue #154: Recover the giffilter manual page
    * Address SF issue #155: Add gifsponge docs
    * Address SF issue #157: An OutofMemory-Exception or Memory Leak
      in gif2rgb
    * Address SF issue #158: There is a null pointer problem in
      gif2rgb
    * Address SF issue #159 A heap-buffer-overflow in GIFLIB5.2.1
      DumpScreen2RGB() in gif2rgb.c:298:45
    * Address SF issue #163: detected memory leaks in
      openbsd_reallocarray giflib/openbsd-reallocarray.c
    * Address SF issue #164: detected memory leaks in GifMakeMapObject
      giflib/gifalloc.c
    * Address SF issue #166: a read zero page leads segment fault in
      getarg.c and memory leaks in gif2rgb.c and gifmalloc.c
    * Address SF issue #167: Heap-Buffer Overflow during Image Saving
      in DumpScreen2RGB Function at Line 321 of gif2rgb.c
  - Added patch:
    * giflib-5.2.2-no-imagemagick.patch
      + do not use ImageMagick to resize one gif file. It creates a
      build cycle.
    * 0001-Clean-up-memory-better-at-end-of-run-CVE-2021-40633.patch
      + upstream fix for CVE-2021-40633 (bsc#1200551)
  - Modified patches:
    * PIE.patch
    * reproducible.patch
      + rediff to changed context
* Sat Aug 12 2023 Fridrich Strba <fstrba@suse.com>
  - Define make_build for distributions which do not define them in
    system macros
* Mon Dec 12 2022 Dirk Müller <dmueller@suse.com>
  - add reproducible.patch to avoid timestamp patching in the build
    section and allowing it to build with -Werror=date-time
* Thu Apr 15 2021 olaf@aepfle.de
  - prep section should just extract and patch,
    further modifications have to be done in the build section
* Wed Apr 14 2021 Fridrich Strba <fstrba@suse.com>
  - Added patch:
    * PIE.patch
      + build path independent objects and inherit CFLAGS from the
      build system (bsc#1184123)
* Fri Jul 10 2020 Matthias Eliasson <elimat@opensuse.org>
  - Update to version 5.2.1
    * In gifbuild.c, avoid a core dump on no color map.
    * Restore inadvertently removed library version numbers in Makefile.
  - Changes in version 5.2.0
    * The undocumented and deprecated GifQuantizeBuffer() entry point
      has been moved to the util library to reduce libgif size and attack
      surface. Applications needing this function are couraged to link the
      util library or make their own copy.
    * The following obsolete utility programs are no longer installed:
      gifecho, giffilter, gifinto, gifsponge. These were either installed in
      error or have been obsolesced by modern image-transformmation tools
      like ImageMagick convert. They may be removed entirely in a future
      release.
    * Address SourceForge issue #136: Stack-buffer-overflow in gifcolor.c:84
    * Address SF bug #134: Giflib fails to slurp significant number of gifs
    * Apply SPDX convention for license tagging.
  - Changes in version 5.1.9
    * The documentation directory now includes an HTMlified version of the
      GIF89 standard, and a more detailed description of how LZW compression
      is applied to GIFs.
    * Address SF bug #129: The latest version of giflib cannot be build on windows.
    * Address SF bug #126: Cannot compile giflib using c89
  - Changes in version 5.1.8
    * Address SF bug #119: MemorySanitizer: FPE on unknown address (CVE-2019-15133 bsc#1146299)
    * Address SF bug #125: 5.1.7: xmlto is still required for tarball
    * Address SF bug #124: 5.1.7: ar invocation is not crosscompile compatible
    * Address SF bug #122: 5.1.7 installs manpages to wrong directory
    * Address SF bug #121: make: getversion: Command not found
    * Address SF bug #120: 5.1.7 does not build a proper library - no
  - Changes in version 5.1.7
    * Correct a minor packaging error (superfluous symlinks) in the 5.1.6 tarballs.
  - Changes in version 5.1.6
    * Fix library installation in the Makefile.
  - Changes in version 5.1.5
    * Fix SF bug #114: Null dereferences in main() of gifclrmp
    * Fix SF bug #113: Heap Buffer Overflow-2 in function DGifDecompressLine()
      in cgif.c.  This had been assigned (CVE-2018-11490 bsc#1094832).
    * Fix SF bug #111: segmentation fault in PrintCodeBlock
    * Fix SF bug #109: Segmentation fault of giftool reading a crafted file
    * Fix SF bug #107: Floating point exception in giftext utility
    * Fix SF bug #105: heap buffer overflow in DumpScreen2RGB in gif2rgb.c:317
    * Fix SF bug #104: Ineffective bounds check in DGifSlurp
    * Fix SF bug #103: GIFLIB 5.1.4: DGifSlurp fails on empty comment
    * Fix SF bug #87: Heap buffer overflow in 5.1.2 (gif2rgb). (CVE-2016-3977 bsc#974847)
    * The horrible old autoconf build system has been removed with extreme prejudice.
      You now build this simply by running "make" from the top-level directory.
  - Run spec-cleaner
  - Drop patches fixed upstream:
    * giflib-visibility.patch
    * giflib-automake-1_13.patch
    * giflib-CVE-2016-3977.patch
    * fix-autoconf11.patch
  - Change build system to Make only (upstream not using autoconf)
* Fri Nov 09 2018 schwab@suse.de
  - Remove unused build requires on X libraries
  - Use %license
* Wed Jul 05 2017 bwiedemann@suse.com
  - Keep timestamps before patch updates them to fix build-compare
* Fri May 13 2016 rpm@fthiessen.de
  - Added fix-autoconf11.patch for fixing build with older autoconf,
    requires for SLE11.
* Tue Apr 12 2016 fstrba@suse.com
  - Update to version 5.1.4
    * Fix SF bug #94: giflib 5 loves to fail to load images... a LOT.
    * Fix SF Bug #92: Fix buffer overread in gifbuild.
    * Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path
    * Fix SF Bug #89: Fix buffer overread in gifbuild.
  - Removed patch:
    * giflib-sf-88.patch
      + Integrated upstream
  - Added patch:
    * giflib-CVE-2016-3977.patch
    - Fix CVE-2016-3977: heap buffer overflow in gif2rgb
      (bsc#974847)

Files

/usr/lib64/libgif.so.7
/usr/lib64/libgif.so.7.2.0
/usr/share/licenses/libgif7
/usr/share/licenses/libgif7/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jun 14 23:35:33 2024