drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in gifsicle
Name: |
Zwei Probleme in gifsicle |
|
ID: |
FEDORA-2024-4672c1ff2d |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 38 |
|
Datum: |
Fr, 1. März 2024, 06:49 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44821
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46009 |
|
Applikationen: |
Gifsicle |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2024-4672c1ff2d 2024-03-01 01:39:46.018133 ------------------------------------------------------------------------------- -
Name : gifsicle Product : Fedora 38 Version : 1.95 Release : 1.fc38 URL : http://www.lcdf.org/gifsicle/ Summary : Powerful program for manipulating GIF images and animations Description : Gifsicle is a command-line tool for creating, editing, and getting information about GIF images and animations.
Some more gifsicle features:
* Batch mode for changing GIFs in place. * Prints detailed information about GIFs, including comments. * Control over interlacing, comments, looping, transparency... * Creates well-behaved GIFs: removes redundant colors, only uses local color tables if it absolutely has to (local color tables waste space and can cause viewing artifacts), etc. * It can shrink colormaps and change images to use the Web-safe palette (or any colormap you choose). * It can optimize your animations! This stores only the changed portion of each frame, and can radically shrink your GIFs. You can also use transparency to make them even smaller. Gifsicle?s optimizer is pretty powerful, and usually reduces animations to within a couple bytes of the best commercial optimizers. * Unoptimizing animations, which makes them easier to edit. * A dumb-ass name.
One other program is included with gifsicle and gifdiff compares two GIFs for identical visual appearance.
------------------------------------------------------------------------------- - Update Information:
Update to 1.95 ------------------------------------------------------------------------------- - ChangeLog:
* Wed Feb 21 2024 Orion Poplawski <orion@nwra.com> - 1.95-1 - Update to 1.95 CVE-2023-46009 (bz#2244935) CVE-2023-44821 (bz#2250064) * Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.94-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.94-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.94-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Sun Jul 16 2023 Orion Poplawski <orion@nwra.com> - 1.94-1 - Update to 1.94 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #2244935 - CVE-2023-46009 gifsicle: floating point exception vulnerability via resize_stream at src/xform.c https://bugzilla.redhat.com/show_bug.cgi?id=2244935 [ 2 ] Bug #2250064 - CVE-2023-44821 gifsicle: denial of service in Gif_Realloc calls https://bugzilla.redhat.com/show_bug.cgi?id=2250064 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4672c1ff2d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
|
|
|
|