Updated giflib packages fix security vulnerability
Publication date: 15 Jan 2016Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7555
Description
A heap-based buffer overflow vulnerability was found in giffix utility of giflib when processing records of the type 'IMAGE_DESC_RECORD_TYPE' due to the allocated size of 'LineBuffer' equaling the value of the logical screen width, 'GifFileIn->SWidth', while subsequently having 'GifFileIn->Image.Width' bytes of data written to it (CVE-2015-7555).
References
SRPMS
5/core
- giflib-4.2.3-4.2.mga5