[3.1] giflib: Heap-based buffer overflow in giffix utility (CVE-2015-7555)
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows
attackers to cause a denial of service (program crash) via crafted image
and logical screen width fields in a GIF file.
References:
http://seclists.org/oss-sec/2015/q4/548
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7555
https://security-tracker.debian.org/tracker/CVE-2015-7555
(from redmine: issue id 5662, created on 2016-05-31, closed on 2016-06-24)
- Relations:
  - parent #5659 (closed)
- Changesets:
  - Revision c686173f on 2016-06-24T08:45:12Z:
    main/giflib: upgrade to 5.1.1. Security fix (CVE-2015-7555). Fixes #5662
    (cherry picked from commit e923ae18b6f5631e1c3a468d33471a559aa06ac4)