An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for gifsicle
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0146-1
Rating:             important
References:         #1216403
Cross-References:   CVE-2023-46009
CVSS scores:
  CVE-2023-46009 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
  openSUSE Backports SLE-15-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

  This update for gifsicle fixes the following issues:

  Update to version 1.95:

  - CVE-2023-46009: Fixed floating point exception vulnerability via
    resize_stream at src/xform.c (boo#1216403)

Patch Instructions:

  To install this openSUSE Security Update use the SUSE recommended
  installation methods like YaST online_update or "zypper patch".

  Alternatively you can run the command listed for your product:

  - openSUSE Backports SLE-15-SP5:

    zypper in -t patch openSUSE-2024-146=1

Package List:

  - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):

    gifsicle-1.95-bp155.3.6.1

References:

  https://www.suse.com/security/cve/CVE-2023-46009.html
  https://bugzilla.suse.com/1216403

A critical security patch for Gifsicle is out, addressing vulnerabilities in openSUSE. Users must update immediately to safeguard their systems.

gifsicle update, openSUSE security, important fix, software patch.

Severity: Important.

LinuxSecurity.com Team

Update to 1.95.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4672c1ff2d
2024-03-01 01:39:46.018133
--------------------------------------------------------------------------------

Name        : gifsicle
Product     : Fedora 38
Version     : 1.95
Release     : 1.fc38
URL         : http://www.lcdf.org/gifsicle/
Summary     : Powerful program for manipulating GIF images and animations
Description :
Gifsicle is a command-line tool for creating, editing, and getting
information about GIF images and animations.

Some more gifsicle features:

* Batch mode for changing GIFs in place.
* Prints detailed information about GIFs, including comments.
* Control over interlacing, comments, looping, transparency...
* Creates well-behaved GIFs: removes redundant colors, only uses local
  color tables if it absolutely has to (local color tables waste space
  and can cause viewing artifacts), etc.
* It can shrink colormaps and change images to use the Web-safe palette
  (or any colormap you choose).
* It can optimize your animations! This stores only the changed portion
  of each frame, and can radically shrink your GIFs. You can also use
  transparency to make them even smaller. Gifsicle's optimizer is pretty
  powerful, and usually reduces animations to within a couple bytes of
  the best commercial optimizers.
* Unoptimizing animations, which makes them easier to edit.
* A dumb-ass name.

One other program is included with gifsicle and gifdiff compares two GIFs
for identical visual appearance.

--------------------------------------------------------------------------------
Update Information:

Update to 1.95
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 21 2024 Orion Poplawski - 1.95-1
- Update to 1.95 CVE-2023-46009 (bz#2244935) CVE-2023-44821 (bz#2250064)
* Wed Jan 24 2024 Fedora Release Engineering - 1.94-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering - 1.94-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering - 1.94-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sun Jul 16 2023 Orion Poplawski - 1.94-1
- Update to 1.94
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2244935 - CVE-2023-46009 gifsicle: floating point exception vulnerability via resize_stream at src/xform.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2244935
  [ 2 ] Bug #2250064 - CVE-2023-44821 gifsicle: denial of service in Gif_Realloc calls
        https://bugzilla.redhat.com/show_bug.cgi?id=2250064
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4672c1ff2d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

Update to 1.95.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-5e50570506
2024-03-01 01:07:58.185664
--------------------------------------------------------------------------------

Name        : gifsicle
Product     : Fedora 39
Version     : 1.95
Release     : 1.fc39
URL         : http://www.lcdf.org/gifsicle/
Summary     : Powerful program for manipulating GIF images and animations
Description :
Gifsicle is a command-line tool for creating, editing, and getting
information about GIF images and animations.

Some more gifsicle features:

* Batch mode for changing GIFs in place.
* Prints detailed information about GIFs, including comments.
* Control over interlacing, comments, looping, transparency...
* Creates well-behaved GIFs: removes redundant colors, only uses local
  color tables if it absolutely has to (local color tables waste space
  and can cause viewing artifacts), etc.
* It can shrink colormaps and change images to use the Web-safe palette
  (or any colormap you choose).
* It can optimize your animations! This stores only the changed portion
  of each frame, and can radically shrink your GIFs. You can also use
  transparency to make them even smaller. Gifsicle's optimizer is pretty
  powerful, and usually reduces animations to within a couple bytes of
  the best commercial optimizers.
* Unoptimizing animations, which makes them easier to edit.
* A dumb-ass name.

One other program is included with gifsicle and gifdiff compares two GIFs
for identical visual appearance.

--------------------------------------------------------------------------------
Update Information:

Update to 1.95
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 21 2024 Orion Poplawski - 1.95-1
- Update to 1.95 CVE-2023-46009 (bz#2244935) CVE-2023-44821 (bz#2250064)
* Wed Jan 24 2024 Fedora Release Engineering - 1.94-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering - 1.94-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2244935 - CVE-2023-46009 gifsicle: floating point exception vulnerability via resize_stream at src/xform.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2244935
  [ 2 ] Bug #2250064 - CVE-2023-44821 gifsicle: denial of service in Gif_Realloc calls
        https://bugzilla.redhat.com/show_bug.cgi?id=2250064
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-5e50570506' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for gifsicle
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2023:0160-1
Rating:             important
References:         #1212645
Cross-References:   CVE-2023-36193
CVSS scores:
  CVE-2023-36193 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
  openSUSE Backports SLE-15-SP4
  openSUSE Backports SLE-15-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

  This update for gifsicle fixes the following issues:

  - Update to version 1.94:
    * Fix some bugs, including fix for CVE-2023-36193: heap buffer overflow
      (read) via the ambiguity_error component at /src/clp.c (boo#1212645).

Patch Instructions:

  To install this openSUSE Security Update use the SUSE recommended
  installation methods like YaST online_update or "zypper patch".

  Alternatively you can run the command listed for your product:

  - openSUSE Backports SLE-15-SP5:

    zypper in -t patch openSUSE-2023-160=1

  - openSUSE Backports SLE-15-SP4:

    zypper in -t patch openSUSE-2023-160=1

Package List:

  - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):

    gifsicle-1.94-bp155.3.3.1
    gifsicle-debuginfo-1.94-bp155.3.3.1
    gifsicle-debugsource-1.94-bp155.3.3.1

  - openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):

    gifsicle-1.94-bp154.2.3.1

References:

  https://www.suse.com/security/cve/CVE-2023-36193.html
  https://bugzilla.suse.com/1212645

Security Advisory: gifsicle vulnerability CVE-2023-36193 has been promptly addressed. Crucial patch now accessible for openSUSE Backports users.

gifsicle update, openSUSE security, buffer overflow fix.

Severity: Important.

LinuxSecurity.com Team

Update to 1.93, fixes CVE-2020-19752.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-b349650e52
2021-09-23 19:28:47.072019
--------------------------------------------------------------------------------

Name        : gifsicle
Product     : Fedora 33
Version     : 1.93
Release     : 1.fc33
URL         : http://www.lcdf.org/gifsicle/
Summary     : Powerful program for manipulating GIF images and animations
Description :
Gifsicle is a command-line tool for creating, editing, and getting
information about GIF images and animations.

Some more gifsicle features:

* Batch mode for changing GIFs in place.
* Prints detailed information about GIFs, including comments.
* Control over interlacing, comments, looping, transparency...
* Creates well-behaved GIFs: removes redundant colors, only uses local
  color tables if it absolutely has to (local color tables waste space
  and can cause viewing artifacts), etc.
* It can shrink colormaps and change images to use the Web-safe palette
  (or any colormap you choose).
* It can optimize your animations! This stores only the changed portion
  of each frame, and can radically shrink your GIFs. You can also use
  transparency to make them even smaller. Gifsicle's optimizer is pretty
  powerful, and usually reduces animations to within a couple bytes of
  the best commercial optimizers.
* Unoptimizing animations, which makes them easier to edit.
* A dumb-ass name.

One other program is included with gifsicle and gifdiff compares two GIFs
for identical visual appearance.

--------------------------------------------------------------------------------
Update Information:

Update to 1.93, fixes CVE-2020-19752
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 1 2021 Orion Poplawski - 1.93-1
- Update to 1.93
* Tue Jan 26 2021 Fedora Release Engineering - 1.92-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2004042 - CVE-2020-19752 gifsicle: NULL pointer dereference in find_color_or_error function
        https://bugzilla.redhat.com/show_bug.cgi?id=2004042
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-b349650e52' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

Update to 1.93, fixes CVE-2020-19752.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-c351011066
2021-09-23 19:25:44.307972
--------------------------------------------------------------------------------

Name        : gifsicle
Product     : Fedora 34
Version     : 1.93
Release     : 1.fc34
URL         : http://www.lcdf.org/gifsicle/
Summary     : Powerful program for manipulating GIF images and animations
Description :
Gifsicle is a command-line tool for creating, editing, and getting
information about GIF images and animations.

Some more gifsicle features:

* Batch mode for changing GIFs in place.
* Prints detailed information about GIFs, including comments.
* Control over interlacing, comments, looping, transparency...
* Creates well-behaved GIFs: removes redundant colors, only uses local
  color tables if it absolutely has to (local color tables waste space
  and can cause viewing artifacts), etc.
* It can shrink colormaps and change images to use the Web-safe palette
  (or any colormap you choose).
* It can optimize your animations! This stores only the changed portion
  of each frame, and can radically shrink your GIFs. You can also use
  transparency to make them even smaller. Gifsicle's optimizer is pretty
  powerful, and usually reduces animations to within a couple bytes of
  the best commercial optimizers.
* Unoptimizing animations, which makes them easier to edit.
* A dumb-ass name.

One other program is included with gifsicle and gifdiff compares two GIFs
for identical visual appearance.

--------------------------------------------------------------------------------
Update Information:

Update to 1.93, fixes CVE-2020-19752
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 1 2021 Orion Poplawski - 1.93-1
- Update to 1.93
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2004042 - CVE-2020-19752 gifsicle: NULL pointer dereference in find_color_or_error function
        https://bugzilla.redhat.com/show_bug.cgi?id=2004042
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-c351011066' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

Fixes a security vulnerability on certain resize operations with '--resize-method=box'.

References:
- https://bugs.mageia.org/show_bug.cgi?id=29458

MGASA-2021-0437 - Updated gifsicle packages fix security vulnerability

Publication date: 23 Sep 2021
URL: https://advisories.mageia.org/MGASA-2021-0437.html
Type: security
Affected Mageia releases: 8

Fixes a security vulnerability on certain resize operations with
'--resize-method=box'.

References:
- https://bugs.mageia.org/show_bug.cgi?id=29458
- - http://www.lcdf.org/gifsicle/changes.html

SRPMS:
- 8/core/gifsicle-1.93-1.mga8

Mageia 2021-0452 addresses a moderate severity vulnerability within pngcrush image transformation functions. For further information, continue reading.

Mageia Gifsicle Update, Security Fix, Resize Issue.

Severity: Medium.

LinuxSecurity.com Team

An update that contains security fixes can now be installed.

openSUSE Security Update: Security update for gifsicle
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1249-1
Rating:             moderate
References:
Affected Products:
  openSUSE Leap 15.2
  openSUSE Backports SLE-15-SP3
  openSUSE Backports SLE-15-SP2
  openSUSE Backports SLE-15-SP1
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

  This update for gifsicle fixes the following issues:

  Update to version 1.93:

  * Fix security bug on certain resize operations with `--resize-method=box`
  * Fix problems with colormapless GIFs.

  Update to version 1.92

  * Add `--lossy` option from Kornel Lipiński.
  * Remove an assertion failure possible with `--conserve-memory` +
    `--colors` + `--careful`.

Patch Instructions:

  To install this openSUSE Security Update use the SUSE recommended
  installation methods like YaST online_update or "zypper patch".

  Alternatively you can run the command listed for your product:

  - openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-1249=1

  - openSUSE Backports SLE-15-SP3:

    zypper in -t patch openSUSE-2021-1249=1

  - openSUSE Backports SLE-15-SP2:

    zypper in -t patch openSUSE-2021-1249=1

  - openSUSE Backports SLE-15-SP1:

    zypper in -t patch openSUSE-2021-1249=1

Package List:

  - openSUSE Leap 15.2 (x86_64):

    gifsicle-1.93-lp152.5.3.1
    gifsicle-debuginfo-1.93-lp152.5.3.1
    gifsicle-debugsource-1.93-lp152.5.3.1

  - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):

    gifsicle-1.93-bp153.2.3.1
    gifsicle-debuginfo-1.93-bp153.2.3.1
    gifsicle-debugsource-1.93-bp153.2.3.1

  - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

    gifsicle-1.93-bp152.4.3.1
    gifsicle-debuginfo-1.93-bp152.4.3.1
    gifsicle-debugsource-1.93-bp152.4.3.1

  - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

    gifsicle-1.93-bp151.4.3.1

References:

Update on gifsicle tackling resize vulnerabilities in openSUSE platforms; setup instructions provided.

openSUSE Update, gifsicle Security, Software Patch, Risk Management.

LinuxSecurity.com Team