giflib: update to 5.2.2

Drop upstreamed CVE patches. Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-03-24 04:21:01 +02:00 · 2024-03-24 04:21:01 +02:00 · 0ba53d3a0d
parent 35ef370178
commit 0ba53d3a0d
3 changed files with 9 additions and 41 deletions
--- a/libs/giflib/Makefile
+++ b/libs/giflib/Makefile
@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=giflib
-PKG_VERSION:=5.2.1
-PKG_RELEASE:=2
+PKG_VERSION:=5.2.2
+PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@SF/giflib
-PKG_HASH:=31da5562f44c5f15d63340a09a4fd62b48c45620cd302f77a6d9acf0077879bd
+PKG_HASH:=be7ffbd057cadebe2aa144542fd90c6838c6a083b5e8a9048b8ee3b66b29d5fb

 PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
 PKG_LICENSE:=MIT
@ -58,6 +58,12 @@ MAKE_FLAGS += \
 	LDFLAGS="$(TARGET_LDFLAGS)" \
 	PREFIX=$(CONFIGURE_PREFIX)

+## Avoid 'convert' invocation during the build
+define Build/Prepare
+	$(call Build/Prepare/Default)
+	touch $(PKG_BUILD_DIR)/doc/giflib-logo.gif
+endef
+
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/{lib,include}
 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgif.so* $(1)/usr/lib
--- a/libs/giflib/patches/010-CVE-2022-28506.patch
+++ b/libs/giflib/patches/010-CVE-2022-28506.patch
@ -1,14 +0,0 @@
--- a/gif2rgb.c
-+++ b/gif2rgb.c
-@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam
-             GifRow = ScreenBuffer[i];
-             GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
-             for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
-+                /* Check if color is within color palete */
-+                if (GifRow[j] >= ColorMap->ColorCount)
-+                {
-+                   GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
-+                }
-                 ColorMapEntry = &ColorMap->Colors[GifRow[j]];
-                 *BufferP++ = ColorMapEntry->Red;
-                 *BufferP++ = ColorMapEntry->Green;
--- a/libs/giflib/patches/020-CVE-2023-39742.patch
+++ b/libs/giflib/patches/020-CVE-2023-39742.patch
@ -1,24 +0,0 @@
-Description: Fix segmentation faults due to non correct checking for args
-Author: David Suárez <david.sephirot@gmail.com>
-Origin: vendor
-Bug: https://sourceforge.net/p/giflib/bugs/153/
-Bug-Debian: https://bugs.debian.org/715963
-Bug-Debian: https://bugs.debian.org/715964
-Bug-Debian: https://bugs.debian.org/715967
-Last-Update: 2020-12-20
-
--- a/getarg.c
-+++ b/getarg.c
-@@ -307,6 +307,12 @@ GAGetParmeters(void *Parameters[],
-     int i = 0, ScanRes;
- 
-     while (!(ISSPACE(CtrlStrCopy[i]))) {
-+
-+        if ((*argv) == argv_end) {
-+            GAErrorToken = Option;
-+            return CMD_ERR_NumRead;
-+        }
-+
-         switch (CtrlStrCopy[i + 1]) {
-           case 'd':    /* Get signed integers. */
-               ScanRes = sscanf(*((*argv)++), "%d",