UbuntuUpdates.org

Package "libgif7"

Name: libgif7

Description:

library for GIF images (library)

Latest version: 5.1.4-2ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: main
Head package: giflib
Homepage: http://giflib.sourceforge.net/

Links


Download "libgif7"


Other versions of "libgif7" in Bionic

Repository Area Version
base main 5.1.4-2
updates main 5.1.4-2ubuntu0.1

Changelog

Version: 5.1.4-2ubuntu0.1 2019-08-20 17:07:16 UTC

  giflib (5.1.4-2ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2016-3977.patch: fix SF
      in heap buff overflow in lib/dgif_lig.c,
      util/gif2rgb.c.
    - CVE-2016-3977
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-11490.patch: adding checks
      in DGifDecompressLine in order to avoid a heap buffer overflow and
      a denial of service in lib/dgif_lib.c.
    - CVE-2018-11490
  * SECURITY UPDATE: Divide-by-zero
    - debian/patches/CVE-2019-15133.patch: adding checks bounds
      in lib/dgif_lib.c.
    - CVE-2019-15133

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 19 Aug 2019 15:35:19 -0300

CVE-2016-3977 Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via
CVE-2018-11490 The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer
CVE-2019-15133 In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height f



About   -   Send Feedback to @ubuntu_updates