giflib: update to 5.2.2

Drop upstreamed CVE patches.

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

diff --git a/libs/giflib/Makefile b/libs/giflib/Makefile
index 722c7bdfe888e282ab4be42e4299f591fb37105f..92e0ceb9bfe0b829a2c4f6ed6d6eb9ca111b82cd 100644 (file)
--- a/libs/giflib/Makefile
+++ b/libs/giflib/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=giflib
-PKG_VERSION:=5.2.1
-PKG_RELEASE:=2
+PKG_VERSION:=5.2.2
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@SF/giflib
-PKG_HASH:=31da5562f44c5f15d63340a09a4fd62b48c45620cd302f77a6d9acf0077879bd
+PKG_HASH:=be7ffbd057cadebe2aa144542fd90c6838c6a083b5e8a9048b8ee3b66b29d5fb
 
 PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
 PKG_LICENSE:=MIT
@@ -58,6 +58,12 @@ MAKE_FLAGS += \
        LDFLAGS="$(TARGET_LDFLAGS)" \
        PREFIX=$(CONFIGURE_PREFIX)
 
+## Avoid 'convert' invocation during the build
+define Build/Prepare
+       $(call Build/Prepare/Default)
+       touch $(PKG_BUILD_DIR)/doc/giflib-logo.gif
+endef
+
 define Build/InstallDev
        $(INSTALL_DIR) $(1)/usr/{lib,include}
        $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgif.so* $(1)/usr/lib

diff --git a/libs/giflib/patches/010-CVE-2022-28506.patch b/libs/giflib/patches/010-CVE-2022-28506.patch
deleted file mode 100644 (file)
index f6de2be..0000000
--- a/libs/giflib/patches/010-CVE-2022-28506.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/gif2rgb.c
-+++ b/gif2rgb.c
-@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam
-             GifRow = ScreenBuffer[i];
-             GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
-             for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
-+                /* Check if color is within color palete */
-+                if (GifRow[j] >= ColorMap->ColorCount)
-+                {
-+                   GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
-+                }
-                 ColorMapEntry = &ColorMap->Colors[GifRow[j]];
-                 *BufferP++ = ColorMapEntry->Red;
-                 *BufferP++ = ColorMapEntry->Green;

diff --git a/libs/giflib/patches/020-CVE-2023-39742.patch b/libs/giflib/patches/020-CVE-2023-39742.patch
deleted file mode 100644 (file)
index 8d01c93..0000000
--- a/libs/giflib/patches/020-CVE-2023-39742.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Description: Fix segmentation faults due to non correct checking for args
-Author: David Suárez <david.sephirot@gmail.com>
-Origin: vendor
-Bug: https://sourceforge.net/p/giflib/bugs/153/
-Bug-Debian: https://bugs.debian.org/715963
-Bug-Debian: https://bugs.debian.org/715964
-Bug-Debian: https://bugs.debian.org/715967
-Last-Update: 2020-12-20
-
---- a/getarg.c
-+++ b/getarg.c
-@@ -307,6 +307,12 @@ GAGetParmeters(void *Parameters[],
-     int i = 0, ScanRes;
- 
-     while (!(ISSPACE(CtrlStrCopy[i]))) {
-+
-+        if ((*argv) == argv_end) {
-+            GAErrorToken = Option;
-+            return CMD_ERR_NumRead;
-+        }
-+
-         switch (CtrlStrCopy[i + 1]) {
-           case 'd':    /* Get signed integers. */
-               ScanRes = sscanf(*((*argv)++), "%d",