Mageia Advisory: MGASA-2019-0096 - Updated giflib packages fix security vulnerability

Updated giflib packages fix security vulnerability

Publication date: 20 Feb 2019
Modification date: 20 Feb 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-11490

Description

Null dereferences in main() of gifclrmp.
Heap Buffer Overflow-2 in function DGifDecompressLine() in cgif.c.
CVE-2018-11490)
Segmentation fault in PrintCodeBlock.
Segmentation fault of giftool reading a crafted file.
Floating point exception in giftext utility.
Heap buffer overflow in DumpScreen2RGB in gif2rgb.c:317.
Ineffective bounds check in DGifSlurp.
GIFLIB 5.1.4: DGifSlurp fails on empty comment.

References

https://bugs.mageia.org/show_bug.cgi?id=24378
https://sourceforge.net/p/giflib/code/ci/master/tree/NEWS
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11490

SRPMS

6/core

giflib-5.1.6-1.mga6

Advisories » MGASA-2019-0096

Updated giflib packages fix security vulnerability

Description

References

SRPMS

6/core