[SECURITY] Fedora 9 Update: giflib-4.1.3-10.fc9

updates at fedoraproject.org updates at fedoraproject.org
Tue May 19 02:09:16 UTC 2009 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-5118
2009-05-19 00:07:14
--------------------------------------------------------------------------------

Name        : giflib
Product     : Fedora 9
Version     : 4.1.3
Release     : 10.fc9
URL         : http://www.sourceforge.net/projects/giflib/
Summary     : Library for manipulating GIF format image files
Description :
The giflib package contains a shared library of functions for loading and
saving GIF format image files. It is API and ABI compatible with libungif,
the library which supported uncompressed GIFs while the Unisys LZW patent
was in effect.

--------------------------------------------------------------------------------
Update Information:

- CVE-2005-2974: NULL pointer dereference crash (#494826)  - CVE-2005-3350:
Memory corruption via a crafted GIF (#494823)  - Solved multilib problems with
documentation (#465208, #474538)  - Removed static library from giflib-devel
package (#225796 #c1)
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 16 2009 Robert Scheck <robert at fedoraproject.org> 4.1.3-10
- CVE-2005-2974: NULL pointer dereference crash (#494826)
- CVE-2005-3350: Memory corruption via a crafted GIF (#494823)
- Solved multilib problems with documentation (#465208, #474538)
- Removed static library from giflib-devel package (#225796 #c1)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #494826 - CVE-2005-2974 giflib/libunfig: NULL pointer dereference crash
        https://bugzilla.redhat.com/show_bug.cgi?id=494826
  [ 2 ] Bug #494823 - CVE-2005-3350 giflib/libunfig: memory corruption via a crafted GIF
        https://bugzilla.redhat.com/show_bug.cgi?id=494823
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update giflib' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list