Slackware Security Advisory - New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
e0b2e87d2acceb14c61c2087afccaa1d022ee55170560ead2c4445f6120f1380Gentoo Linux Security Advisory 201206-15 - Multiple vulnerabilities in libpng might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.5.10 are affected.
17c59fa4ea570ff973946e70fe5303b4a6d7f8e5ec1db2b26617090a9a49954bDebian Linux Security Advisory 2439-1 - Glenn-Randers Pehrson discovered an buffer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed.
bbd3e8089449480264a63ffe19b45f1373d2569ce485c612626f045bc5d94dceUbuntu Security Notice 1402-1 - It was discovered that libpng did not properly process compressed chunks. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program.
e84d90e1c69359be1947a51a2d22c92b27e8318bec589093735d640f38245bf1Mandriva Linux Security Advisory 2012-033 - A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.
e01682b23f6754dc207bd66c7d6363efb71ddb6802ef423068599e02a0c2dd6fRed Hat Security Advisory 2012-0407-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users of libpng should upgrade to these updated packages, which correct this issue. For Red Hat Enterprise Linux 5, they contain a backported patch. For Red Hat Enterprise Linux 6, they upgrade libpng to version 1.2.48. All running applications using libpng must be restarted for the update to take effect.
02c66306b59208c15ad10058e8dd7d64c24149876c04fe8f5487335ca9732c80
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed