Slackware Security Advisory - New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
e0b2e87d2acceb14c61c2087afccaa1d022ee55170560ead2c4445f6120f1380
Gentoo Linux Security Advisory 201206-15 - Multiple vulnerabilities in libpng might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.5.10 are affected.
17c59fa4ea570ff973946e70fe5303b4a6d7f8e5ec1db2b26617090a9a49954b
Debian Linux Security Advisory 2439-1 - Glenn-Randers Pehrson discovered an buffer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed.
bbd3e8089449480264a63ffe19b45f1373d2569ce485c612626f045bc5d94dce
Ubuntu Security Notice 1402-1 - It was discovered that libpng did not properly process compressed chunks. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program.
e84d90e1c69359be1947a51a2d22c92b27e8318bec589093735d640f38245bf1
Mandriva Linux Security Advisory 2012-033 - A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.
e01682b23f6754dc207bd66c7d6363efb71ddb6802ef423068599e02a0c2dd6f
Red Hat Security Advisory 2012-0407-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users of libpng should upgrade to these updated packages, which correct this issue. For Red Hat Enterprise Linux 5, they contain a backported patch. For Red Hat Enterprise Linux 6, they upgrade libpng to version 1.2.48. All running applications using libpng must be restarted for the update to take effect.
02c66306b59208c15ad10058e8dd7d64c24149876c04fe8f5487335ca9732c80