From d0dd004f8b4df26747209c84d5253b997d4652a0 Mon Sep 17 00:00:00 2001
From: Sandro Mani <manisandro@gmail.com>
Date: Dec 22 2015 12:36:03 +0000
Subject: Add patch for heap overflow in giffix (CVE-2015-7555, #1293372)


---

diff --git a/mingw-giflib.spec b/mingw-giflib.spec
index b153ae1..a4da040 100644
--- a/mingw-giflib.spec
+++ b/mingw-giflib.spec
@@ -4,15 +4,17 @@
 
 Name:          mingw-%{pkgname}
 Version:       5.0.5
-Release:       3%{?dist}
+Release:       4%{?dist}
 Summary:       MinGW Windows %{pkgname} library
 License:       MIT
-Group:         Development/Libraries
+
 BuildArch:     noarch
 URL:           http://www.sourceforge.net/projects/%{pkgname}/
 Source:        http://downloads.sourceforge.net/%{pkgname}/%{pkgname}-%{version}.tar.bz2
 # Mimik mkstemp function for win32
 Patch0:        giflib-5.0.4_mkstemp.patch
+# Fix heap overflow in giffix (CVE-2015-7555, #1293372)
+Patch1:        giflib-5.0.5_CVE-2015-7555.patch
 
 BuildRequires: mingw32-filesystem >= 95
 BuildRequires: mingw32-gcc
@@ -77,6 +79,7 @@ Requires:      mingw64-%{pkgname} = %{version}-%{release}
 %prep
 %setup -q -n %{pkgname}-%{version}
 %patch0 -p1
+%patch1 -p1
 
 
 %build
@@ -92,7 +95,8 @@ find %{buildroot} -name '*.la' -exec rm -f {} ';'
 
 
 %files -n mingw32-%{pkgname}
-%doc AUTHORS ChangeLog COPYING NEWS README
+%doc AUTHORS ChangeLog NEWS README
+%license COPYING
 %{mingw32_bindir}/libgif-6.dll
 %{mingw32_includedir}/gif_lib.h
 %{mingw32_libdir}/libgif.dll.a
@@ -104,7 +108,8 @@ find %{buildroot} -name '*.la' -exec rm -f {} ';'
 %{mingw32_bindir}/*.exe
 
 %files -n mingw64-%{pkgname}
-%doc AUTHORS ChangeLog COPYING NEWS README
+%doc AUTHORS COPYING NEWS README
+%license COPYING
 %{mingw64_bindir}/libgif-6.dll
 %{mingw64_includedir}/gif_lib.h
 %{mingw64_libdir}/libgif.dll.a
@@ -117,6 +122,9 @@ find %{buildroot} -name '*.la' -exec rm -f {} ';'
 
 
 %changelog
+* Tue Dec 22 2015 Sandro Mani <manisandro@gmail.com> - 5.0.5-4
+- Add patch for heap overflow in giffix (CVE-2015-7555, #1293372)
+
 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5.0.5-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
 
diff --git a/mingw-giflib_no-undefined.patch b/mingw-giflib_no-undefined.patch
deleted file mode 100644
index 908fa60..0000000
--- a/mingw-giflib_no-undefined.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -rupN giflib-4.1.6/lib/Makefile.am giflib-4.1.6-new/lib/Makefile.am
---- giflib-4.1.6/lib/Makefile.am	2007-11-10 23:47:55.000000000 +0100
-+++ giflib-4.1.6-new/lib/Makefile.am	2013-05-08 02:00:42.093576286 +0200
-@@ -21,6 +21,6 @@ libgif_la_SOURCES = dev2gif.c   \
-                     quantize.c  \
- 					gif_lib_private.h
- 
--libgif_la_LDFLAGS = -version-info 5:6:1
-+libgif_la_LDFLAGS = -version-info 5:6:1 -no-undefined
- libgif_la_LIBADD = @DEVS@
- libgif_CFLAGS = $(X_CFLAGS) $(AM_CFLAGS)