[3.3] giflib: Heap-based buffer overflow in giffix utility (CVE-2015-7555)
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
References:
http://seclists.org/oss-sec/2015/q4/548
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7555
https://security-tracker.debian.org/tracker/CVE-2015-7555
(from redmine: issue id 5660, created on 2016-05-31, closed on 2016-06-24)
- Relations:
  - parent #5659 (closed)
- Changesets:
  - Revision e923ae18 on 2016-06-24T08:41:51Z:
    main/giflib: security fix (CVE-2015-7555). Fixes #5660
  - Revision 1659b6a1 on 2016-06-24T08:42:29Z:
    main/giflib: security fix (CVE-2015-7555). Fixes #5660
    (cherry picked from commit e923ae18b6f5631e1c3a468d33471a559aa06ac4)
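The description above names two fields: the image width and the logical screen width. As an added example (not giflib code and not the patch referenced in the changesets), the following pre-screening check walks a GIF and flags any frame whose image descriptor is wider than the logical screen. It assumes that mismatch is the triggering condition; the function names and sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static unsigned rd16(const uint8_t *p) { return p[0] | (p[1] << 8); } /* little-endian */

/* Skip data sub-blocks (len, data..., 0). Returns next offset, or 0 if truncated. */
static size_t skip_sub_blocks(const uint8_t *b, size_t n, size_t off) {
    while (off < n) {
        size_t len = b[off++];
        if (len == 0) return off;
        if (len > n - off) return 0;
        off += len;
    }
    return 0;
}

/* 0: every frame fits the logical screen width; 1: a frame is wider
 * (assumed trigger condition); -1: malformed or truncated file. */
int gif_width_check(const uint8_t *b, size_t n) {
    if (n < 13 || (memcmp(b, "GIF87a", 6) && memcmp(b, "GIF89a", 6))) return -1;
    unsigned swidth = rd16(b + 6);                     /* logical screen width */
    size_t off = 13;
    if (b[10] & 0x80) off += 3u << ((b[10] & 7) + 1);  /* global color table */
    while (off < n) {
        uint8_t tag = b[off++];
        if (tag == 0x3B) return 0;                     /* trailer */
        if (tag == 0x21) {                             /* extension: label, sub-blocks */
            if (off >= n) return -1;
            off = skip_sub_blocks(b, n, off + 1);
        } else if (tag == 0x2C) {                      /* image descriptor */
            if (n - off < 9) return -1;
            if (rd16(b + off + 4) > swidth) return 1;  /* image width > screen width */
            uint8_t packed = b[off + 8];
            off += 9;
            if (packed & 0x80) off += 3u << ((packed & 7) + 1); /* local color table */
            if (off >= n) return -1;
            off = skip_sub_blocks(b, n, off + 1);      /* +1 skips LZW min code size */
        } else return -1;
        if (off == 0) return -1;
    }
    return -1;
}
/* Constructed one-frame samples: screen width 4, image width 4 (OK) or 64 (WIDE). */
static const uint8_t SAMPLE_OK[] = {'G','I','F','8','9','a',4,0,1,0,0,0,0,0x2C,0,0,0,0,4,0,1,0,0,2,2,0x4C,0x01,0,0x3B};
static const uint8_t SAMPLE_WIDE[] = {'G','I','F','8','9','a',4,0,1,0,0,0,0,0x2C,0,0,0,0,64,0,1,0,0,2,2,0x4C,0x01,0,0x3B};
int main(void) {
    printf("ok=%d wide=%d\n", gif_width_check(SAMPLE_OK, sizeof SAMPLE_OK),
           gif_width_check(SAMPLE_WIDE, sizeof SAMPLE_WIDE));
    return 0;
}
```

A check like this can gate untrusted GIFs in front of an unpatched giffix; it does not replace upgrading to the fixed package.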