diff -Nurd -x'*~' giflib-4.1.6.orig/configure giflib-4.1.6/configure
--- giflib-4.1.6.orig/configure	2007-11-10 17:53:31.000000000 -0500
+++ giflib-4.1.6/configure	2015-11-13 03:43:47.000000000 -0500
@@ -22369,6 +22369,10 @@
 
 
 
+ac_save_CPPFLAGS=$CPPFLAGS
+ac_save_LDFLAGS=$LDFLAGS
+CPPFLAGS="$CPPFLAGS $X_CFLAGS"
+LDFLAGS=$"LDFLAGS $X_LIBS"
 for ac_header in X11/Xlib.h X11/Xutil.h
 do
 as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
@@ -22578,6 +22582,8 @@
 done
 
 fi
+CPPFLAGS=$ac_save_CPPFLAGS
+LDFLAGS=$ac_save_LDFLAGS
 
 DEVS="${GL_S_LIB} ${X11_LIB}"
 
diff -Nurd -x'*~' giflib-4.1.6.orig/lib/Makefile.in giflib-4.1.6/lib/Makefile.in
--- giflib-4.1.6.orig/lib/Makefile.in	2007-11-10 17:53:34.000000000 -0500
+++ giflib-4.1.6/lib/Makefile.in	2015-11-13 03:55:51.000000000 -0500
@@ -221,7 +221,7 @@
 
 libgif_la_LDFLAGS = -version-info 5:6:1
 libgif_la_LIBADD = @DEVS@
-libgif_CFLAGS = $(X_CFLAGS) $(AM_CFLAGS)
+AM_CPPFLAGS = $(X_CFLAGS) $(AM_CFLAGS)
 all: all-am
 
 .SUFFIXES:
#!/bin/sh /usr/share/dpatch/dpatch-run
## 01-cve.dpatch by Michael Fedrowitz <michaelf@debian.org>
##
## DP: Fix CVE-2005-2974 and CVE-2005-3350 (Closes: #337972).

@DPATCH@

diff -Naurp giflib-4.1.6.orig/lib/dgif_lib.c giflib-4.1.6/lib/dgif_lib.c
--- giflib-4.1.6.orig/lib/dgif_lib.c	2007-11-10 22:54:44.000000000 +0000
+++ giflib-4.1.6/lib/dgif_lib.c	2008-03-07 13:45:02.000000000 +0000
@@ -249,6 +249,8 @@ DGifGetScreenDesc(GifFileType * GifFile)
 
     if (READ(GifFile, Buf, 3) != 3) {
         _GifError = D_GIF_ERR_READ_FAILED;
+		FreeMapObject(GifFile->SColorMap);
+                GifFile->SColorMap = NULL;
         return GIF_ERROR;
     }
     GifFile->SColorResolution = (((Buf[0] & 0x70) + 1) >> 4) + 1;
@@ -346,6 +348,8 @@ DGifGetImageDesc(GifFileType * GifFile) 
         return GIF_ERROR;
     if (READ(GifFile, Buf, 1) != 1) {
         _GifError = D_GIF_ERR_READ_FAILED;
+		FreeMapObject(GifFile->Image.ColorMap);
+                GifFile->Image.ColorMap = NULL;
         return GIF_ERROR;
     }
     BitsPerPixel = (Buf[0] & 0x07) + 1;
@@ -994,6 +998,14 @@ DGifBufferedInput(GifFileType * GifFile,
             _GifError = D_GIF_ERR_IMAGE_DEFECT;
             return GIF_ERROR;
         }
+        /* There shouldn't be any empty data blocks here as the LZW spec
+         * says the LZW termination code should come first.  Therefore we
+         * shouldn't be inside this routine at that point.
+         */
+        if (Buf[0] == 0) {
+            _GifError = D_GIF_ERR_IMAGE_DEFECT;
+            return GIF_ERROR;
+        }
         if (READ(GifFile, &Buf[1], Buf[0]) != Buf[0]) {
             _GifError = D_GIF_ERR_READ_FAILED;
             return GIF_ERROR;
diff -Nurd giflib-4.1.6.orig/lib/gif_hash.c giflib-4.1.6/lib/gif_hash.c
--- giflib-4.1.6.orig/lib/gif_hash.c	2007-11-10 17:48:51.000000000 -0500
+++ giflib-4.1.6/lib/gif_hash.c	2024-07-05 11:34:07.000000000 -0400
@@ -33,6 +33,7 @@
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
+#include <stdlib.h>
 
 #ifdef __MSDOS__
 #include <io.h>