oss-sec mailing list archives

Re: CVE-2025-31344: giflib: The giflib open-source component has a buffer overflow vulnerability.


From: 李亚杰 <liyajie () openeuler sh>
Date: Tue, 08 Apr 2025 14:32:35 +0800

Hi Hanno,

We have noticed your report on this issue. But because the code snippet of the same issue exists in multiple code branches, I think this issue is not fixed completely.

For the current CVE-2025-31344, Bernhard has submitted a patch:
https://github.com/OpenMandrivaAssociation/giflib/blob/master/giflib-5.2.2-cve-2025-31344.patch
I think this patch works for the one we reported.

Best Regards,
Yajie Li



