A quick note that there is more to giflib than just CVE-2025-31344:
Duplication of CVEs, officially fixed versus de-facto still vulnerable in more than one case, another CVE also upcoming (not mine)… I created a quick summary of what I know at… https://github.com/openwrt/packages/issues/26277 …if you're interested. Best, Sebastian
