Amazon Linux 2022 Security Advisory: ALAS-2022-139
Advisory Release Date: 2022-09-13 19:19 Pacific
Advisory Updated Date: 2022-09-21 20:00 Pacific
Severity:
Medium
References:
CVE-2022-28506
Issue Overview:
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. (CVE-2022-28506)
Affected Packages:
giflib
Issue Correction:
Run dnf update giflib --releasever=2022.0.20220921 to update your system.
New Packages:
aarch64:
giflib-debuginfo-5.2.1-9.amzn2022.aarch64
giflib-devel-5.2.1-9.amzn2022.aarch64
giflib-utils-5.2.1-9.amzn2022.aarch64
giflib-utils-debuginfo-5.2.1-9.amzn2022.aarch64
giflib-5.2.1-9.amzn2022.aarch64
giflib-debugsource-5.2.1-9.amzn2022.aarch64
i686:
giflib-devel-5.2.1-9.amzn2022.i686
giflib-debugsource-5.2.1-9.amzn2022.i686
giflib-utils-5.2.1-9.amzn2022.i686
giflib-utils-debuginfo-5.2.1-9.amzn2022.i686
giflib-5.2.1-9.amzn2022.i686
giflib-debuginfo-5.2.1-9.amzn2022.i686
src:
giflib-5.2.1-9.amzn2022.src
x86_64:
giflib-debugsource-5.2.1-9.amzn2022.x86_64
giflib-devel-5.2.1-9.amzn2022.x86_64
giflib-debuginfo-5.2.1-9.amzn2022.x86_64
giflib-5.2.1-9.amzn2022.x86_64
giflib-utils-debuginfo-5.2.1-9.amzn2022.x86_64
giflib-utils-5.2.1-9.amzn2022.x86_64