[Git][security-tracker-team/security-tracker][master] Add reference to applied patch in 6.1.3-1 for CVE-2026-26740

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac89431a by Salvatore Bonaccorso at 2026-06-09T07:31:17+02:00
Add reference to applied patch in 6.1.3-1 for CVE-2026-26740

Thanks: Arnaud Rebillout

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51304,7 +51304,8 @@ CVE-2026-26740 (Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote
 	- giflib 6.1.3-1 (bug #1131368)
 	NOTE: https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md
 	NOTE: https://sourceforge.net/p/giflib/bugs/199/
-	NOTE: https://sourceforge.net/p/giflib/bugs/201/  (patch that was applied in Debian unstable)
+	NOTE: https://sourceforge.net/p/giflib/bugs/201/
+	NOTE: Patch applied in Debian: https://sourceforge.net/p/giflib/bugs/201/attachment/0001-Fix-heap-buffer-overflow-in-EGifGCBToSavedExtension.patch
 CVE-2026-25449 (Deserialization of Untrusted Data vulnerability in shinetheme Traveler ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24063 (When a plugin is installed using the Arturia Software Center (MacOS),  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac89431a0d1e07494d3a6fcd99b6d95b0564c9dd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac89431a0d1e07494d3a6fcd99b6d95b0564c9dd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260609/c78932b3/attachment.htm>