Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
a863e2eb03f0ac1937834e096aa9a52158ef6e9eb8144f3d6df45b14d4002a27VMware Security Advisory - VMware Hosted products and ESX and ESXi patches resolve a security issue. Update patch 13 for ESX 2.5.5 updates the libpng Service Console RPM.
203a590a4bdbe48adceffe110e8cd59465f46fb0e57d0752d412221afaa50075Debian Security Advisory 1750-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.
0e924f59ce027e66a6e689dc0b274aa6836b5b191f719fc7a80659d3e59e9152Ubuntu Security Notice USN-730-1 - A large amount of vulnerabilities in libpng have been addressed. These range from denial of service to remote code execution issues.
bf1668416bc0c504288cc177db2f2c946b397313a140888d671c84f861f5103dGentoo Linux Security Advisory GLSA 200812-15 - POV-Ray includes a version of libpng that might allow for the execution of arbitrary code when reading a specially crafted PNG file POV-Ray uses a statically linked copy of libpng to view and output PNG files. The version shipped with POV-Ray is vulnerable to CVE-2008-3964, CVE-2008-1382, CVE-2006-3334, CVE-2006-0481, CVE-2004-0768. A bug in POV-Ray's build system caused it to load the old version when your installed copy of libpng was >=media-libs/libpng-1.2.10. Versions less than 3.6.1-r4 are affected.
1f128702ad44d88415fbb97c75a9a802ae8324c91f93449b4768fb0c8c911860Mandriva Linux Security Advisory - Tavis Ormandy of the Google Security Team discovered a flaw in how libpng handles zero-length unknown chunks in PNG files, which could lead to memory corruption in applications that make use of certain functions. The updated packages have been patched to correct this issue.
55937dffca006aefbaafb8896ea5b33e483cd7f7446168d419624a00215adb9dGentoo Linux Security Advisory GLSA 200805-10 - It has been reported that Pngcrush includes a copy of libpng that is vulnerable to a memory corruption (GLSA 200804-15). Versions less than 1.6.4-r1 are affected.
7be87bd6cd80913765cc2197f63277e2d0f892fb175e35e8e8b37a7c2f7c50eaGentoo Linux Security Advisory GLSA 200804-15 - Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call png_set_read_user_chunk_fn() or png_set_keep_unknown_chunks(). Versions less than 1.2.26-r1 are affected.
6bf42712b9c2950b7d9c27c6bf8a5dcee94696371bd6e9631217aa9a23265d5fApplications using libpng that install unknown chunk handlers, or copy unknown chunks, may be vulnerable to a security issue which may result in incorrect output, information leaks, crashes, or arbitrary code execution. The libpng project indicates libpng-1.0.6 through 1.0.32, libpng-1.2.0 through 1.2.26, and libpng-1.4.0beta01 through libpng-1.4.0beta19 built with PNG_READ_UNKNOWN_CHUNKS_SUPPORTED or PNG_READ_USER_CHUNKS_SUPPORTED (default configuration) are affected.
d9f18b2e078424f7549cd605507ce814b470dc6ff811315a92fb7070cf843236
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed