MGASA-2019-0096

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2019-0096.html

Import Source

https://advisories.mageia.org/MGASA-2019-0096.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2019-0096

Related

CVE-2018-11490

Published

2019-02-20T22:18:01Z

Modified

2019-02-20T21:48:17Z

Summary

Updated giflib packages fix security vulnerability

Details

Null dereferences in main() of gifclrmp. Heap Buffer Overflow-2 in function DGifDecompressLine() in cgif.c. CVE-2018-11490) Segmentation fault in PrintCodeBlock. Segmentation fault of giftool reading a crafted file. Floating point exception in giftext utility. Heap buffer overflow in DumpScreen2RGB in gif2rgb.c:317. Ineffective bounds check in DGifSlurp. GIFLIB 5.1.4: DGifSlurp fails on empty comment.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / giflib

Package

Name: giflib
Purl: pkg:rpm/mageia/giflib?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.6-1.mga6

Ecosystem specific

{
    "section": "core"
}