CVE-2025-31344 was announced here: https://www.openwall.com/lists/oss-security/2025/04/07/3
Source RPM: (none) => giflib-5.2.2-1.mga10.src.rpm, giflib-5.2.1-7.1.mga9.src.rpm
Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2025-31344
SUSE has issued an advisory on April 8: https://lists.suse.com/pipermail/sle-updates/2025-April/038931.html
Status comment: (none) => Patch available from SUSE
Sorry, cannot find the patch. Assigning globally; different people have maintained this pkg.
Assignee: bugsquad => pkg-bugs
Suggested advisory:
========================

The updated packages fix a security vulnerability:

The giflib open-source component has a buffer overflow vulnerability. (CVE-2025-31344)

References:
https://www.openwall.com/lists/oss-security/2025/04/07/3
https://lists.suse.com/pipermail/sle-updates/2025-April/038931.html
========================

Updated packages in core/updates_testing:
========================
giflib-progs-5.2.1-7.2.mga9
lib(64)gif7-5.2.1-7.2.mga9
lib(64)gif-devel-5.2.1-7.2.mga9

from SRPM:
giflib-5.2.1-7.2.mga9.src.rpm
Status: NEW => ASSIGNED
Status comment: Patch available from SUSE => (none)
Version: Cauldron => 9
Assignee: pkg-bugs => qa-bugs
Whiteboard: MGA9TOO => (none)
Source RPM: giflib-5.2.2-1.mga10.src.rpm, giflib-5.2.1-7.1.mga9.src.rpm => giflib-5.2.1-7.1.mga9.src.rpm
MGA9-64 Plasma Wayland on Compaq H000SB
No installation issues.
Ref bug 32303 for tests.

$ giftool -f "%v\n%w x %h\n" < wapen_merksem.gif
GIF89a
50 x 60

$ giftext -c < wapen_merksem.gif
Stdin:
Screen Size - Width = 50, Height = 60.
ColorResolution = 8, BitsPerPixel = 8, BackGround = 0, Aspect = 0.
Has Global Color Map.
Global Color Map:
Sort Flag: off
0: bch bdh c4h 1: e4h dch deh 2: f3h eeh eeh 3: f9h f8h f6h 4: fbh fch fch 5: feh fdh feh 6: ffh feh ffh 7: ffh ffh ffh
etc...
at the end
GIF89 graphics control (Ext Code = 249 [ ]):
Disposal Mode: 0
User Input Flag: 0
Transparency on: no
DelayTime: 0
Transparent Index: -1
Image #1:
Image Size - Left = 0, Top = 0, Width = 50, Height = 60.
Image is Non Interlaced.
No Image Color Map.
GIF file terminated normally.

$ cat colourmap.txt
0 188 189 196
1 228 220 222
2 243 238 238
3 249 248 246
4 251 252 252
etc....

$ gifclrmp -g 2.2 <wapen_merksem.gif >coulourmap
Generates image with lighter tones

$ file coulourmap
coulourmap: GIF image data, version 87a, 50 x 60

$ gif2rgb -c 8 -o rgbtest wapen_merksem.gif
Generates 3 binary files

All OK.
Whiteboard: (none) => MGA9-64-OK
CC: (none) => herman.viaene
Validating.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0135.html
Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED