From: Jeremie Courreges-Anglas Subject: Re: UPDATE: Giflib-6.1.3 To: gonzalo Cc: ports@openbsd.org Date: Sat, 23 May 2026 13:16:20 +0200 On Sat, May 23, 2026 at 12:19:16PM +0200, gonzalo wrote: > Hello, > > Update for giflib to 6.1.3: > > https://sourceforge.net/p/giflib/code/ci/edff4aed17f857442ab0cac31566572ba08f93d3/log/ > > OK? Comments? Diff is incomplete as two patches were already introduced upstream. make check-shlib-syms doesn't warn about new/removed symbols etc, but we should still bump the major I think. Looking at the diff between old and new gif_lib.h: |--- /usr/local/include/gif_lib.h Thu May 21 18:54:57 2026 |+++ /usr/ports/pobj/giflib-6.1.3/fake-amd64/usr/local/include/gif_lib.h Sat May 23 13:09:46 2026 |@@ -13,9 +13,9 @@ | extern "C" { | #endif /* __cplusplus */ | |-#define GIFLIB_MAJOR 5 |-#define GIFLIB_MINOR 2 |-#define GIFLIB_RELEASE 2 |+#define GIFLIB_MAJOR 6 |+#define GIFLIB_MINOR 1 |+#define GIFLIB_RELEASE 3 | | #define GIF_ERROR 0 | #define GIF_OK 1 |@@ -129,21 +129,21 @@ | const bool GifTestExistence, int *Error); | GifFileType *EGifOpenFileHandle(const int GifFileHandle, int *Error); | GifFileType *EGifOpen(void *userPtr, OutputFunc writeFunc, int *Error); |-int EGifSpew(GifFileType *GifFile); |+int EGifSpew(GifFileType *GifFile, int *ErrorCode); | const char *EGifGetGifVersion(GifFileType *GifFile); /* new in 5.x */ | int EGifCloseFile(GifFileType *GifFile, int *ErrorCode); | | #define E_GIF_SUCCEEDED 0 |-#define E_GIF_ERR_OPEN_FAILED 1 /* And EGif possible errors. */ |-#define E_GIF_ERR_WRITE_FAILED 2 |-#define E_GIF_ERR_HAS_SCRN_DSCR 3 |-#define E_GIF_ERR_HAS_IMAG_DSCR 4 |-#define E_GIF_ERR_NO_COLOR_MAP 5 |-#define E_GIF_ERR_DATA_TOO_BIG 6 |-#define E_GIF_ERR_NOT_ENOUGH_MEM 7 |-#define E_GIF_ERR_DISK_IS_FULL 8 |-#define E_GIF_ERR_CLOSE_FAILED 9 |-#define E_GIF_ERR_NOT_WRITEABLE 10 |+#define E_GIF_ERR_OPEN_FAILED 201 /* And EGif possible errors. */ |+#define E_GIF_ERR_WRITE_FAILED 202 |+#define E_GIF_ERR_HAS_SCRN_DSCR 203 |+#define E_GIF_ERR_HAS_IMAG_DSCR 204 |+#define E_GIF_ERR_NO_COLOR_MAP 205 |+#define E_GIF_ERR_DATA_TOO_BIG 206 |+#define E_GIF_ERR_NOT_ENOUGH_MEM 207 |+#define E_GIF_ERR_DISK_IS_FULL 208 |+#define E_GIF_ERR_CLOSE_FAILED 209 |+#define E_GIF_ERR_NOT_WRITEABLE 210 The signature of a function was changed, which is incompatible. The renumbering of the error codes is most likely also an incompatible change. Updated diff: Index: Makefile =================================================================== RCS file: /home/cvs/ports/graphics/giflib/Makefile,v diff -u -p -r1.35 Makefile --- Makefile 22 Apr 2025 15:55:32 -0000 1.35 +++ Makefile 23 May 2026 11:15:11 -0000 @@ -1,8 +1,7 @@ COMMENT= tools and library routines for working with GIF images -DISTNAME= giflib-5.2.2 -REVISION= 0 -SHARED_LIBS += gif 9.1 # 7.1 +DISTNAME= giflib-6.1.3 +SHARED_LIBS += gif 10.0 CATEGORIES= graphics SITES= ${SITE_SOURCEFORGE:=giflib/} @@ -17,7 +16,8 @@ WANTLIB += c m USE_GMAKE= Yes CFLAGS+= -DHAVE_REALLOCARRAY MAKE_FLAGS= CC="${CC}" OFLAGS="${CFLAGS}" LIBVER="${LIBgif_VERSION}" -FAKE_FLAGS= MANDIR="${PREFIX}/man" LIBVER="${LIBgif_VERSION}" +FAKE_FLAGS= MANDIR="${PREFIX}/man" LIBVER="${LIBgif_VERSION}" \ + PREFIX="${PREFIX}" BUILD_DEPENDS+= textproc/xmlto TEST_DEPENDS= sysutils/coreutils Index: distinfo =================================================================== RCS file: /home/cvs/ports/graphics/giflib/distinfo,v diff -u -p -r1.8 distinfo --- distinfo 29 Feb 2024 15:25:40 -0000 1.8 +++ distinfo 23 May 2026 11:04:19 -0000 @@ -1,2 +1,2 @@ -SHA256 (giflib-5.2.2.tar.gz) = vn/70FfK3r4qoURUL9kMaDjGoIO16KkEi47jtmsp1fs= -SIZE (giflib-5.2.2.tar.gz) = 447175 +SHA256 (giflib-6.1.3.tar.gz) = tltmuZ8EJLk1JfmHOG8i/F77naK/ySrUpTIkmq/7qw4= +SIZE (giflib-6.1.3.tar.gz) = 470579 Index: patches/patch-Makefile =================================================================== RCS file: /home/cvs/ports/graphics/giflib/patches/patch-Makefile,v diff -u -p -r1.4 patch-Makefile --- patches/patch-Makefile 29 Feb 2024 15:25:40 -0000 1.4 +++ patches/patch-Makefile 23 May 2026 11:04:19 -0000 @@ -1,96 +1,48 @@ -- Correct document page install. - 61f375082c80ee479eb8ff03189aea691a6a06aa - -hunk 1, disable -Wno-format-truncation, not available on some compilers? - -hunk 2, move quantize.c back to exported library, it was in the public -API prior to 5.2 and is used by various downstream users -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935088 -https://src.fedoraproject.org/rpms/giflib/c/109bf038d703a471b857aba44af673be103d7079?branch=master - -hunk 5-6, library handling - Index: Makefile --- Makefile.orig +++ Makefile -@@ -8,7 +8,7 @@ - # - OFLAGS = -O0 -g - OFLAGS = -O2 --CFLAGS = -std=gnu99 -fPIC -Wall -Wno-format-truncation $(OFLAGS) -+CFLAGS = -std=gnu99 -fPIC -Wall $(OFLAGS) - - SHELL = /bin/sh - TAR = tar -@@ -29,11 +29,11 @@ LIBPOINT=0 - LIBVER=$(LIBMAJOR).$(LIBMINOR).$(LIBPOINT) - - SOURCES = dgif_lib.c egif_lib.c gifalloc.c gif_err.c gif_font.c \ -- gif_hash.c openbsd-reallocarray.c -+ gif_hash.c openbsd-reallocarray.c quantize.c - HEADERS = gif_hash.h gif_lib.h gif_lib_private.h - OBJECTS = $(SOURCES:.c=.o) - --USOURCES = qprintf.c quantize.c getarg.c -+USOURCES = qprintf.c getarg.c - UHEADERS = getarg.h - UOBJECTS = $(USOURCES:.c=.o) - -@@ -63,17 +63,21 @@ UTILS = $(INSTALLABLE) \ - - LDLIBS=libgif.a -lm - --MANUAL_PAGES = \ -+MANUAL_PAGES_1 = \ - doc/gif2rgb.xml \ - doc/gifbuild.xml \ - doc/gifclrmp.xml \ - doc/giffix.xml \ -- doc/giflib.xml \ - doc/giftext.xml \ - doc/giftool.xml - -+MANUAL_PAGES_7 = \ -+ doc/giflib.xml -+ -+MANUAL_PAGES = $(MANUAL_PAGES_1) $(MANUAL_PAGES_7) -+ - SOEXTENSION = so --LIBGIFSO = libgif.$(SOEXTENSION) -+LIBGIFSO = libgif.$(SOEXTENSION).$(LIBVER) +@@ -95,7 +95,7 @@ SOEXTENSION = so + LIBGIFSO = libgif.$(SOEXTENSION) LIBGIFSOMAJOR = libgif.$(SOEXTENSION).$(LIBMAJOR) LIBGIFSOVER = libgif.$(SOEXTENSION).$(LIBVER) - LIBUTILSO = libutil.$(SOEXTENSION) -@@ -99,7 +103,7 @@ $(LIBGIFSO): $(OBJECTS) $(HEADERS) +-LIBUTILSO = libutil.$(SOEXTENSION) ++LIBUTILSO = libutil.$(SOEXTENSION).$(LIBVER) + LIBUTILSOMAJOR = libutil.$(SOEXTENSION).$(LIBMAJOR) + ifeq ($(UNAME), Darwin) + SOEXTENSION = dylib +@@ -125,7 +125,7 @@ $(LIBGIFSO): $(OBJECTS) $(HEADERS) ifeq ($(UNAME), Darwin) $(CC) $(CFLAGS) -dynamiclib -current_version $(LIBVER) $(OBJECTS) -o $(LIBGIFSO) else -- $(CC) $(CFLAGS) -shared $(LDFLAGS) -Wl,-soname -Wl,$(LIBGIFSOMAJOR) -o $(LIBGIFSO) $(OBJECTS) +- $(CC) $(CFLAGS) $(CPPFLAGS) -shared $(LDFLAGS) -Wl,-soname -Wl,$(LIBGIFSOMAJOR) -o $(LIBGIFSO) $(OBJECTS) + $(CC) $(CFLAGS) -shared $(LDFLAGS) -o $(LIBGIFSO) $(OBJECTS) endif libgif.a: $(OBJECTS) $(HEADERS) -@@ -109,7 +113,7 @@ $(LIBUTILSO): $(UOBJECTS) $(UHEADERS) +@@ -135,7 +135,7 @@ $(LIBUTILSO): $(UOBJECTS) $(UHEADERS) ifeq ($(UNAME), Darwin) - $(CC) $(CFLAGS) -dynamiclib -current_version $(LIBVER) $(OBJECTS) -o $(LIBUTILSO) + $(CC) $(CFLAGS) -dynamiclib -current_version $(LIBVER) $(UOBJECTS) -o $(LIBUTILSO) else -- $(CC) $(CFLAGS) -shared $(LDFLAGS) -Wl,-soname -Wl,$(LIBUTILMAJOR) -o $(LIBUTILSO) $(UOBJECTS) +- $(CC) $(CFLAGS) $(CPPLAGS) -shared $(LDFLAGS) -Wl,-soname -Wl,$(LIBUTILSOMAJOR) -o $(LIBUTILSO) $(UOBJECTS) + $(CC) $(CFLAGS) -shared $(LDFLAGS) -o $(LIBUTILSO) $(UOBJECTS) endif libutil.a: $(UOBJECTS) $(UHEADERS) -@@ -145,11 +149,10 @@ install-lib: +@@ -169,7 +169,7 @@ spellcheck: + ifeq ($(UNAME), Darwin) + install: all install-bin install-include install-lib + else +-install: all install-bin install-include install-lib install-man install-doc ++install: all install-bin install-include install-lib install-man + endif + + install-bin: $(INSTALLABLE) +@@ -184,8 +184,6 @@ install-static-lib: + install-shared-lib: $(INSTALL) -d "$(DESTDIR)$(LIBDIR)" - $(INSTALL) -m 644 libgif.a "$(DESTDIR)$(LIBDIR)/libgif.a" $(INSTALL) -m 755 $(LIBGIFSO) "$(DESTDIR)$(LIBDIR)/$(LIBGIFSOVER)" - ln -sf $(LIBGIFSOVER) "$(DESTDIR)$(LIBDIR)/$(LIBGIFSOMAJOR)" - ln -sf $(LIBGIFSOMAJOR) "$(DESTDIR)$(LIBDIR)/$(LIBGIFSO)" + install-lib: install-static-lib install-shared-lib install-man: -- $(INSTALL) -d "$(DESTDIR)$(MANDIR)/man1" -- $(INSTALL) -m 644 $(MANUAL_PAGES) "$(DESTDIR)$(MANDIR)/man1" -+ $(INSTALL) -d "$(DESTDIR)$(MANDIR)/man1" "$(DESTDIR)$(MANDIR)/man7" -+ $(INSTALL) -m 644 $(MANUAL_PAGES_1:xml=1) "$(DESTDIR)$(MANDIR)/man1" -+ $(INSTALL) -m 644 $(MANUAL_PAGES_7:xml=7) "$(DESTDIR)$(MANDIR)/man7" - uninstall: uninstall-man uninstall-include uninstall-lib uninstall-bin - uninstall-bin: - cd "$(DESTDIR)$(BINDIR)" && rm -f $(INSTALLABLE) + $(INSTALL) -d "$(DESTDIR)$(MANDIR)/man1" "$(DESTDIR)$(MANDIR)/man7" Index: patches/patch-doc_Makefile =================================================================== RCS file: /home/cvs/ports/graphics/giflib/patches/patch-doc_Makefile,v diff -u -p -r1.1 patch-doc_Makefile --- patches/patch-doc_Makefile 29 Feb 2024 15:25:40 -0000 1.1 +++ patches/patch-doc_Makefile 23 May 2026 11:07:13 -0000 @@ -1,14 +0,0 @@ -Disable calling a target which wants ImageMagick. - -Index: doc/Makefile ---- doc/Makefile.orig -+++ doc/Makefile -@@ -46,7 +46,7 @@ giflib-logo.gif: ../pic/gifgrid.gif - convert $^ -resize 50x50 $@ - - # Philosophical choice: the website gets the internal manual pages --allhtml: $(XMLALL:.xml=.html) giflib-logo.gif -+allhtml: $(XMLALL:.xml=.html) - - manpages: $(XMLMAN1:.xml=.1) $(XMLMAN7:.xml=.7) $(XMLINTERNAL:.xml=.1) - Index: patches/patch-gif2rgb_c =================================================================== RCS file: /home/cvs/ports/graphics/giflib/patches/patch-gif2rgb_c,v diff -u -p -r1.1 patch-gif2rgb_c --- patches/patch-gif2rgb_c 22 Apr 2025 15:55:32 -0000 1.1 +++ patches/patch-gif2rgb_c 23 May 2026 11:07:27 -0000 @@ -1,18 +0,0 @@ -Fix CVE-2025-31344 -https://www.openwall.com/lists/oss-security/2025/04/07/3 - -Index: gif2rgb.c ---- gif2rgb.c.orig -+++ gif2rgb.c -@@ -329,6 +329,11 @@ static void DumpScreen2RGB(char *FileName, int OneFile - GifRow = ScreenBuffer[i]; - GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); - for (j = 0; j < ScreenWidth; j++) { -+ /* Check if color is within color palete */ -+ if (GifRow[j] >= ColorMap->ColorCount) { -+ GIF_EXIT(GifErrorString( -+ D_GIF_ERR_IMAGE_DEFECT)); -+ } - ColorMapEntry = &ColorMap->Colors[GifRow[j]]; - Buffers[0][j] = ColorMapEntry->Red; - Buffers[1][j] = ColorMapEntry->Green; Index: patches/patch-tests_makefile =================================================================== RCS file: /home/cvs/ports/graphics/giflib/patches/patch-tests_makefile,v diff -u -p -r1.5 patch-tests_makefile --- patches/patch-tests_makefile 2 Jul 2022 14:13:43 -0000 1.5 +++ patches/patch-tests_makefile 23 May 2026 11:04:19 -0000 @@ -1,39 +1,30 @@ -#1, gmake-ism - -#2, unsure if this is a test bug or a command-line parser bug, but the -p -value isn't read in the original order; same on Linux - -#3, "head --bytes=-20" means "display most of the file, but trim last 20 bytes" -which isn't easily replicable with base tools, so just use ghead from coreutils - Index: tests/makefile --- tests/makefile.orig +++ tests/makefile -@@ -27,12 +27,12 @@ rebuild: render-rebuild \ - UTILS = .. - PICS = ../pic +@@ -39,12 +39,12 @@ GIF2RGB = ../gif2rgb + $(GIF2RGB): + @$(MAKE) -C .. gif2rgb -GIFS := $(shell ls ../pic/*.gif) +GIFS := `ls ../pic/*.gif` # Test decompression and rendering by unpacking images, # converting them to RGB, and comparing that result to a check file. - render-regress: + render-regress: $(GIF2RGB) - @for test in $(GIFS); \ + for test in $(GIFS); \ do \ stem=`basename $${test} | sed -e "s/.gif$$//"`; \ - if echo "Testing RGB rendering of $${test}" >&2; \ -@@ -104,10 +104,10 @@ giffilter-regress: + $(UTILS)/gif2rgb -1 <$${test} | ./cmpdiffer "gif2rgb: test of $${test}" $${stem}.rgb; \ +@@ -106,9 +106,9 @@ giffilter-regress: $(GIF2RGB) giffix-rebuild: @echo "Rebuilding giffix test." - @head --bytes=-20 <$(PICS)/treescap.gif | $(UTILS)/giffix 2>/dev/null | $(UTILS)/gifbuild -d >giffixed.ico + @ghead --bytes=-20 <$(PICS)/treescap.gif | $(UTILS)/giffix 2>/dev/null | $(UTILS)/gifbuild -d >giffixed.ico giffix-regress: - @echo "giffix: Testing giffix behavior" -- @head --bytes=-20 <$(PICS)/treescap.gif | $(UTILS)/giffix 2>/dev/null | $(UTILS)/gifbuild -d | diff -u giffixed.ico - +- @head --bytes=-20 <$(PICS)/treescap.gif | $(UTILS)/giffix 2>/dev/null | $(UTILS)/gifbuild -d | ./tapdiffer "giffix: Testing giffix behavior" giffixed.ico + @ghead --bytes=-20 <$(PICS)/treescap.gif | $(UTILS)/giffix 2>/dev/null | $(UTILS)/gifbuild -d | diff -u giffixed.ico - gifinto-regress: - @echo "gifinto: Checking behavior on short files." + @rm -f $@.giflib.tmp Index: pkg/PLIST =================================================================== RCS file: /home/cvs/ports/graphics/giflib/pkg/PLIST,v diff -u -p -r1.13 PLIST --- pkg/PLIST 29 Feb 2024 15:25:40 -0000 1.13 +++ pkg/PLIST 23 May 2026 11:04:19 -0000 @@ -1,6 +1,5 @@ @conflict libungif-* @pkgpath graphics/libungif -@bin bin/gif2rgb @bin bin/gifbuild @bin bin/gifclrmp @bin bin/giffix @@ -9,7 +8,6 @@ include/gif_lib.h @static-lib lib/libgif.a @lib lib/libgif.so.${LIBgif_VERSION} -@man man/man1/gif2rgb.1 @man man/man1/gifbuild.1 @man man/man1/gifclrmp.1 @man man/man1/giffix.1 -- jca