giflib: 5.1.4 -> 5.2.1
5.1.5 says: Fix SF bug #113: Heap Buffer Overflow-2 in function DGifDecompressLine() in cgif.c. This had been assigned CVE-2018-11490. This *probably* also fixes a minor CVE-2019-15133 #68563 (DoS only). (I couldn't find a good reference quickly.) The changelogs are almost only bugfixes, and ABI tracker also looks OK: https://abi-laboratory.pro/?view=timeline&l=giflib so I gather this is suitable for direct push to nixpkgs staging-next. I built several reverse dependencies locally.
parent
7d39ecdf
Please register or sign in to comment