Advisories ยป MGASA-2016-0020

Updated giflib packages fix security vulnerability

Publication date: 15 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7555

Description

A heap-based buffer overflow vulnerability was found in giffix utility of
giflib when processing records of the type 'IMAGE_DESC_RECORD_TYPE' due to
the allocated size of 'LineBuffer' equaling the value of the logical
screen width, 'GifFileIn->SWidth', while subsequently having
'GifFileIn->Image.Width' bytes   of data written to it (CVE-2015-7555).
                

References

SRPMS

5/core