Closed
Conversation
See full changelog https://github.com/analogdevicesinc/libiio/releases/tag/v0.19 Signed-off-by: Pierre-Jean Texier <[email protected]>
Contributor
Author
|
merged in 69c0e0d |
halstead
pushed a commit
that referenced
this pull request
Jun 8, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab #182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Jun 8, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab openembedded#182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Jun 9, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab openembedded#182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Jun 9, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab openembedded#182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Jun 9, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab openembedded#182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Jun 9, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab openembedded#182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Jun 9, 2021
Changes since 4.4.2 (Bug Fixes) Corrected a buffer overwrite possible when parsing hexadecimal literals with more than 1024 octets. Reported by Jon Franklin from Dell, and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab openembedded#182] CVE: CVE-2021-25217 See: https://downloads.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1-RELNOTES Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Dec 24, 2024
Changelog: ========= - Handle messages containing only end boundary openembedded#142. - Don't warn when CRLF is found after last boundary on MultipartParser openembedded#193. - Hard break if found data after last boundary on MultipartParser openembedded#189. - Handle PermissionError in fallback code for old import name openembedded#182. - Add dunder attributes to multipart package openembedded#177. - Replace FutureWarning to PendingDeprecationWarning openembedded#174. - Add missing files to SDist openembedded#171. - Fix import scheme for multipart module (openembedded#168). - Rename import to python_multipart Signed-off-by: Wang Mingyu <[email protected]> Signed-off-by: Khem Raj <[email protected]>
kraj
pushed a commit
to YoeDistro/meta-openembedded
that referenced
this pull request
Apr 1, 2026
Drop patch that was merged upstream. License update: a copyright line was removed. The license is still MIT. Changes: Version 6.1.2 ============= Code Fixes ---------- * Fix for low-severity CVE-2026-23868 affecting gifponge, giftool, and gifbuild, but not the core library - library clients need not be alarned. Version 6.1.1 ============= This release bumps the major version, but only one entry point - EGifSpew() - has changed signature and behavior (in order to be able to pass out a detailed error code). The internal error codes in the E_GIF_ERR series have changed value so none of them collides with GIF_ERROR. This code has been systematically audited and hardened wuth ChatGPT-5.2. The only library fixes reported by users or found by robot were for some memory leaks that could only triggered by severely malformed GIFs. Other bugs are edge-case failures in the CLI tools. The gif2rbg CLI tool has been moved to the "obsolete" bin, because its only deployment case in 2026 is as a piñata at fuzzer parties. Warning: the CLI tools in the obsolete category will soon be removed from the distribution entirely. The maintainer is tired of fielding junk bugs filed against them by would-be coup-counters who found yet another edge case, and the rest of the world doesn't need noisy CVEs that aren't actually DoS or security issues for giflib clients. Code Fixes ---------- * Fix for CVE-2021-40633. * Fix SF bug openembedded#165 EGifSpew leaks GifFileOut->SColorMap * Fix SF bug openembedded#171 ImageMagick required to build giflib on non-Darwin Platforms * Fix SF bug openembedded#172 Incorrect object files in shared libutil on darwin * Fix SF bug openembedded#173 installation of manual pages and html documentation * Fix SF bug openembedded#175 Memory leaks in gifecho.c's main() and in gifalloc.c's GifMakeMapObject * Fix SF bug openembedded#177 wrong pointer used in giftool getbool * Fix SF bug openembedded#179 Path Traversal vulnerability * Fix SF bug openembedded#180: -Wformat-truncation likely pointing out an actual bug * Fix SF bug openembedded#182 out‐of‐bounds writes in Icon2Gif * Fix SF bug openembedded#184 uninitialized buffer in DumpScreen2RGB * Fix SF bug openembedded#185 integer overflow in gifbg.c * Fix SF bug openembedded#186 integer overflow in Icon2Gif * Fix SF bug openembedded#187: CVE-2025-31344 * Fix SF bug openembedded#170 Tests failing on Ubuntu Noble, giftext buffer overflow * Fix SF bug openembedded#165 EGifSpew leaks GifFileOut->SColorMap * Fix SF bug openembedded#162 detected memory leaks in GifMakeSavedImage giflib/gifalloc.c * Fix SF bug openembedded#161 detected memory leaks in EGifOpenFileHandle giflib/egif_lib.c * Fix SF bug openembedded#142 ABI break public symbol GifQuantizeBuffer Other bugs that duplicate these have breen addressesed by these fixes * SF bug openembedded#156 EGifSpew leaks SavedImages (and more); won't fix, caller might want to write a GIF, modify the in-memory data, then write again. Tests ----- Test suite now emits TAP (Test Anything Protocol). Signed-off-by: Gyorgy Sarvari <[email protected]> Signed-off-by: Khem Raj <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See full changelog https://github.com/analogdevicesinc/libiio/releases/tag/v0.19
Signed-off-by: Pierre-Jean Texier [email protected]