VYPR
Medium severity 4.0 · NVD Advisory · Published Feb 23, 2026 · Updated Apr 23, 2026

CVE-2025-61146

Description

saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.

Affected products

1

Patches

2
e0ba6685262a

fix memory leak issue #207, reported by @optionGo

https://github.com/saitoha/libsixel · Hayaki Saito · Sep 4, 2025 · via nvd-ref
5 files changed · +17 -2
  • Makefile.am+6 0 modified
    @@ -105,6 +105,12 @@ issue-167-vexe:
     issue-200:
     	converters/img2sixel --7bit-mode -8 --invert --palette-type=auto --verbose tests/issue/200/POC_img2sixel_heap_buffer_overflow -o /dev/null
     
    +issue-207: all
    +	converters/img2sixel -h 50% -r lanczos3 -w 300px tests/issue/207/poc; test $$? = 255 -o $$? = 127
    +
    +issue-207-vexe:
    +	CC=clang CFLAGS="-fsanitize=address -O0 -g -fno-omit-frame-pointer" tools/vexe ubuntu issue-207
    +
     libsixel-libsixel-issue-73:
     	converters/img2sixel tests/issue/libsixel-libsixel/73/stbi_1561_poc.bin
     
    
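Review bot: in the issue-207 recipe, `test $$? = 255 -o $$? = 127` accepts exit status 127, which is also what the shell returns when a command cannot be found, so the target can pass without img2sixel ever parsing the PoC. The target already depends on `all`, so consider accepting only the status the converter itself is expected to return, and add a comment explaining why that status is the expected outcome. The exit status by itself does not show whether memory leaked; only the sanitizer build in issue-207-vexe can, so a note that issue-207-vexe is the real regression check would help.
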
  • Makefile.in+8 2 modified
    @@ -189,9 +189,9 @@ am__define_uniq_tagged_files = \
         if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
       done | $(am__uniquify_input)`
     am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \
    -	$(srcdir)/libsixel.pc.in $(srcdir)/package.json.in.in \
    +	$(srcdir)/libsixel.pc.in $(srcdir)/package.json.in.in AUTHORS \
     	ChangeLog NEWS README.md compile config.guess config.sub \
    -	install-sh ltmain.sh missing py-compile
    +	depcomp install-sh ltmain.sh missing py-compile
     DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
     distdir = $(PACKAGE)-$(VERSION)
     top_distdir = $(distdir)
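Review bot: the `AUTHORS` and `depcomp` entries added to am__DIST_COMMON are unrelated to issue #207. Makefile.in is automake output, so this looks like a side effect of regenerating the file from a different tree state. Suggest committing the regeneration separately so the fix commit stays limited to Makefile.am, src/fromgif.c and the test files.
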
    @@ -1026,6 +1026,12 @@ issue-167-vexe:
     issue-200:
     	converters/img2sixel --7bit-mode -8 --invert --palette-type=auto --verbose tests/issue/200/POC_img2sixel_heap_buffer_overflow -o /dev/null
     
    +issue-207: all
    +	converters/img2sixel -h 50% -r lanczos3 -w 300px tests/issue/207/poc; test $$? = 255 -o $$? = 127
    +
    +issue-207-vexe:
    +	CC=clang CFLAGS="-fsanitize=address -O0 -g -fno-omit-frame-pointer" tools/vexe ubuntu issue-207
    +
     libsixel-libsixel-issue-73:
     	converters/img2sixel tests/issue/libsixel-libsixel/73/stbi_1561_poc.bin
     
    
  • src/fromgif.c+2 0 modified
    @@ -248,6 +248,8 @@ gif_init_frame(
             }
         } else {
             frame->pixelformat = SIXEL_PIXELFORMAT_RGB888;
    +        /* TODO: Allocated memory should be reused */
    +        sixel_allocator_free(frame->allocator, frame->pixels);
             frame_size = (size_t)pg->w * (size_t)pg->h * 3;
             frame->pixels = (unsigned char *)sixel_allocator_malloc(frame->allocator, frame_size);
             if (frame->pixels == NULL) {
    
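Review bot: the added `sixel_allocator_free(frame->allocator, frame->pixels)` in the RGB888 branch of gif_init_frame assumes frame->pixels is, on every call including the first frame, a pointer the allocator can safely free. Please confirm the frame is zero-initialized before this function runs and that the allocator's free accepts NULL, otherwise this frees an indeterminate pointer. The free is added only to the `else` branch, so also check whether the other pixel-format branch replaces frame->pixels the same way and needs the same release. The TODO about reusing the allocation could reference issue #207 so it can be tracked.
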
  • tests/issue/207/contributor.txt+1 0 added
    @@ -0,0 +1 @@
    +This poc(tests/issue/207/poc) is contributed from @optionGo.
    
  • tests/issue/207/poc+0 0 added
24c34a23461a

docs: update NEWS and contributors list

https://github.com/saitoha/libsixel · Hayaki Saito · Aug 31, 2025 · via osv
3 files changed · +138 -1
  • converters/img2sixel.1+24 0 modified
    @@ -501,6 +501,30 @@ hongxu (@HongxuChen)
     pwd (@YourButterfly)
     Nicholas Luedtke (@nluedtke)
     cool-tomato (@cool-tomato)
    +Koichi Murase (@akinomyoga)
    +Sergey Fedorov (@barracuda156)
    +Oceane (@chameleon10712)
    +Fredrick Brennan (@ctrlcctrlv)
    +nick black (@dankamongmen)
    +Devendra (@dthadi3)
    +Tai D. Nguyen (@duytai)
    +Xudong Cao (@err2zero)
    +George Nachman (@gnachman)
    +Henner Zeller (@hzeller)
    +Philipp (@interkosmos)
    +James Holderness (@j4james)
    +Johnny Chen (@johnnychen94)
    +Ben Davies (@Kaiepi)
    +Han Zheng (@kdsjZh)
    +Kreijstal (@Kreijstal)
    +Max Ambaum (@max-amb)
    +momo-trip (@momo-trip)
    +muetzenmann (@muetzenmann)
    +Ryan Roden-Corrent (@rcorre)
    +Rin Okuyama (@rokuyama)
    +shinibufa (@shinibufa)
    +4ugustus (@waugustus)
    +
     .fi
     
     
    
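Review bot: the contributor list added to converters/img2sixel.1 has no entry for @ttdoda, although the same commit adds @ttdoda to README.md and thanks them in NEWS for #129. If the name is not already listed earlier in the man page, add it here so the two contributor lists stay in sync.
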
  • NEWS+90 1 modified
    @@ -1,6 +1,95 @@
    +                  ------------------------------
    +                   What's new in libsixel-1.8.7
    +                  ------------------------------
    +
    +  for a comprehensive view of security-fix progress, see the page below
    +  https://github.com/saitoha/libsixel/discussions/203
    +
    +* fix invalid pointer access in encoder.c (#193, #195)
    +  Thanks to @momo-trip, @akinomyoga
    +
    +* fix wrong HLS to RGB conversion. (#191)
    +  Thanks to @gnachman, @j4james
    +
    +* fix NULL pointer dereference problem in img2sixel.c (#192)
    +  Thanks to @momo-trip, @akinomyoga
    +
    +* fix double free problem in encoder.c (#194)
    +  Thanks to @momo-trip
    +
    +* Serucity fix for #200, heap buffer overflow in debug palette function.
    +  Thanks to @err2zero
    +
    +* add EXTRA_DIST for LICENSE files (#129)
    +  Thanks to @ttdoda
    +
    +* Travis-ci: added support for ppc64le (#140)
    +  Thanks to @dthadi3
    +
    +* export sixel_allocator_new to dll (#151)
    +  Thanks to @johnnychen94
    +
    +* README: Add Idris 2 language bindings (#155)
    +  Thanks to @Kaiepi
    +
    +* performance: If width and height are unchanged, nothing to do. (#170)
    +  Thanks to @rokuyama
    +
    +* README: add MacPorts to install options (#183)
    +  Thanks to @barracuda156
    +
    +* fix for bash completion (#189)
    +  Thanks to @rcorre
    +
    +* Add backport feature (nanosleep) for windows, github actions CI (#202)
    +  Thanks to @Kreijstal
    +
    +* README: update NixOS link (#204)
    +  Thanks to @max-amb
    +
    +* build: Remove override of $LIBJPEG_CFLAGS and $LIBJPEG_LIBS set by PKG_CHECK_MODULES()
    +
    +* fix Problems with the dithering palette calculation (#188)
    +  Thanks to @gnachman, @j4james
    +
    +* fix SEGV error in sixel_encoder_setopt (#174)
    +  Thanks to @shinibufa , @j4james
    +
    +* curl: send original UserAgent header: "libsixel/${LIBSIXEL_VERSION}"
    +
    +* fix heap-buffer-overflow in error_diffuse, quant.c:876 #172
    +  Thanks to @waugustus
    +
    +* fix Heap-buffer-overflow in scale.c:214 #179
    +  Thanks to @chameleon10712, @j4james
    +
    +* build: fallback support for environments without pkg-config.
    +
    +* fix double-free problem in loader.c (#150)
    +  Thanks to @duytai, @ctrlcctrlv
    +
    +* fix an assertion issue in stbi__create_png_image_raw (#163)
    +  Thanks to @kdsjZh, @dankamongmen
    +
    +* Update stb_image.h from upstream to version 2.30
    +  THanks to @hzeller
    +
    +* Update examples/drawing: add SGR-Pixels mode
    +
    +* fix a problem on monochromatic encoded (-e) output (#112)
    +  Thanks to @interkosmos, @j4james
    +
    +* fix a FPE issue (#166, #167)
    +  Thanks to @waugustus, @j4james
    +
    +* cli: fix a scaling issue introduced in v1.6.1, which is caused
    +       when one of -w/-h is a percentage and the other is unset or "auto"
    +
    +* fix a memory leak ploblem (#164)
    +  Thanks to @muetzenmann, @j4james
     
                       ------------------------------
    -                   What's new in libsixel-1.8 ?
    +                   What's new in libsixel-1.8 (<= 1.8.6) ?
                       ------------------------------
     
     * python: Fix broken python interface problem(#128), reported by @fd00.
    
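Review bot: spelling in the new NEWS entries needs a pass: "Serucity fix" should be "Security fix", "memory leak ploblem" should be "memory leak problem", "THanks to @hzeller" should be "Thanks to", and "@shinibufa , @j4james" has a stray space before the comma. Issue references are also inconsistent, with some in parentheses, such as (#174), and some bare, such as "#172" and "#179"; pick one form so the entries can be searched reliably.
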
  • README.md+24 0 modified
    @@ -1079,6 +1079,30 @@ The MIT License (MIT)
     - [@YourButterfly](https://github.com/YourButterfly/)
     - [@nluedtke](https://github.com/nluedtke/)
     - [@cool-tomato](https://github.com/cool-tomato/)
    +- [@akinomyoga](https://github.com/akinomyoga/)
    +- [@barracuda156](https://github.com/barracuda156/)
    +- [@chameleon10712](https://github.com/chameleon10712/)
    +- [@ctrlcctrlv](https://github.com/ctrlcctrlv/)
    +- [@dankamongmen](https://github.com/dankamongmen/)
    +- [@dthadi3](https://github.com/dthadi3/)
    +- [@duytai](https://github.com/duytai/)
    +- [@err2zero](https://github.com/err2zero/)
    +- [@gnachman](https://github.com/gnachman/)
    +- [@hzeller](https://github.com/hzeller/)
    +- [@interkosmos](https://github.com/interkosmos/)
    +- [@j4james](https://github.com/j4james/)
    +- [@johnnychen94](https://github.com/johnnychen94/)
    +- [@Kaiepi](https://github.com/Kaiepi/)
    +- [@kdsjZh](https://github.com/kdsjZh/)
    +- [@Kreijstal](https://github.com/Kreijstal/)
    +- [@max-amb](https://github.com/max-amb/)
    +- [@momo-trip](https://github.com/momo-trip/)
    +- [@muetzenmann](https://github.com/muetzenmann/)
    +- [@rcorre](https://github.com/rcorre/)
    +- [@rokuyama](https://github.com/rokuyama/)
    +- [@shinibufa](https://github.com/shinibufa/)
    +- [@ttdoda](https://github.com/ttdoda/)
    +- [@waugustus](https://github.com/waugustus/)
     
     ## Contributing
     
    
