Nicolas Graves via Guix-patches via <guix-patches@gnu.org> writes:

> This fixes CVE-2023-44821 and CVE-2023-46009.
>
> * gnu/packages/image.scm (gifsicle): Update to 1.95.
> ---
>  gnu/packages/image.scm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
> index 7f17c71aef..0d6593dc21 100644
> --- a/gnu/packages/image.scm
> +++ b/gnu/packages/image.scm
> @@ -2172,14 +2172,14 @@ (define-public swappy
>  (define-public gifsicle
>    (package
>     (name "gifsicle")
> -   (version "1.94")
> +   (version "1.95")
>     (source
>       (origin
>         (method url-fetch)
>         (uri (string-append "https://www.lcdf.org/gifsicle/gifsicle-"
>                             version ".tar.gz"))
>         (sha256
> -        (base32 "16zq5wd6fyjgy0p0mak15k3mh1zpqb9rg6gqfpg215kqq02p1jab"))))
> +        (base32 "0l69gn562l7a1l10zz1bfs756ipd682idgpk60qs3llz013icwdj"))))
>     (build-system gnu-build-system)
>     (arguments
>      '(#:phases
apply, and build from git source, use g-expressions.