Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
a863e2eb03f0ac1937834e096aa9a52158ef6e9eb8144f3d6df45b14d4002a27
Gentoo Linux Security Advisory 201209-25 - Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service.
69658d66093686eada54ad82e7c69c212f082445ebab3cf082f1e1fbc3b98de1
VMware Security Advisory - Several flaws were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application. The new version of ACE updates the Apache HTTP Server on Windows hosts to version 2.0.63 which addresses multiple security issues that existed in the previous versions of this server.
fa25255a1fe8dc51e8b60d69060b437dd5c2bb2ea3ba80fcabeb503621483800
Debian Security Advisory 1830-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client.
d38d0925be530057b4a2dd77a93a8ac127bd9272755d6b3ea0b274a052baaa14
VMware Security Advisory - VMware Hosted products and ESX and ESXi patches resolve a security issue. Update patch 13 for ESX 2.5.5 updates the libpng Service Console RPM.
203a590a4bdbe48adceffe110e8cd59465f46fb0e57d0752d412221afaa50075
Mandriva Linux Security Advisory 2009-083 - A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21. This update provides the latest Thunderbird to correct these issues. Additionally, Mozilla Thunderbird released with Mandriva Linux 2009.0, when used with Enigmail extension on x86_64 architecture, would freeze whenever any Enigmail function was used. Also, when used on i586 architecture, Thunderbird would crash when sending an email, if a file with an unknown extension was attached to it. This update also fixes those issues.
8511d6a4698ceeef5b4163b72f2396b90cb854230c08895dc46332e0b785248e
Debian Security Advisory 1750-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.
0e924f59ce027e66a6e689dc0b274aa6836b5b191f719fc7a80659d3e59e9152
Gentoo Linux Security Advisory GLSA 200903-28 - Multiple vulnerabilities were found in libpng, which might result in the execution of arbitrary code. Versions less than 1.2.35 are affected.
bc9fa888d3762a9db0b644b2ba836732cc538b8c7ed65bacade59f0336bf2361
Mandriva Linux Security Advisory 2009-075 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.7. This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring. Additionally some software has also been rebuilt against Mozilla Firefox 3.0.7 which should take care of upgrade problems.
6987be114011225d9a1bb7a9e1e2d6874e8225afa2e231184c2bdf3df29cf10c
Ubuntu Security Notice USN-730-1 - A large amount of vulnerabilities in libpng have been addressed. These range from denial of service to remote code execution issues.
bf1668416bc0c504288cc177db2f2c946b397313a140888d671c84f861f5103d
Ubuntu Security Notice USN-728-1 - Various vulnerabilities in Firefox have been addressed. The embedded libpng has been updated. Multiple flaws withing Firefox that could allow for denial of service or code execution have also been addressed.
c72a8866a8c452171d24bdb7527cefc5961f5e5b9f79c17b1110d728395952b5
Mandriva Linux Security Advisory 2009-051 - A number of vulnerabilities have been found and corrected in libpng. Fixed 1-byte buffer overflow in pngpread.c. This was allready fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword() that allowed setting arbitrary bytes in the process memory to 0. Fix a potential DoS (Denial of Service) or to potentially compromise an application using the library. The updated packages have been patched to prevent this.
a74739120bac463b5e67987f05bd7c87e179193dd9d8c7d71e771b76ab1b5b1a