 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Mon, 21 May 2007 16:01:56 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: libpng security update
Issue date: 2007-05-17
CVE Names: CVE-2006-5793 CVE-2007-2445
A flaw was found in the handling of malformed images in libpng. An
attacker could create a carefully crafted PNG image file in such a way
that it could cause an application linked with libpng to crash when the
file was manipulated. (CVE-2007-2445)
A flaw was found in the sPLT chunk handling code in libpng. An attacker
could create a carefully crafted PNG image file in such a way that it
could cause an application linked with libpng to crash when the file was
opened. (CVE-2006-5793)
SL 3.0.x
SRPMS:
libpng-1.2.2-27.src.rpm
libpng10-1.0.13-17.src.rpm
i386:
libpng10-1.0.13-17.i386.rpm
libpng10-devel-1.0.13-17.i386.rpm
libpng-1.2.2-27.i386.rpm
libpng-devel-1.2.2-27.i386.rpm
x86_64:
libpng10-1.0.13-17.i386.rpm
libpng10-1.0.13-17.x86_64.rpm
libpng10-devel-1.0.13-17.x86_64.rpm
libpng-1.2.2-27.i386.rpm
libpng-1.2.2-27.x86_64.rpm
libpng-devel-1.2.2-27.x86_64.rpm
SL 4.x
SRPMS:
libpng-1.2.7-3.el4.src.rpm
libpng10-1.0.16-3.src.rpm
i386:
libpng10-1.0.16-3.i386.rpm
libpng10-devel-1.0.16-3.i386.rpm
libpng-1.2.7-3.el4.i386.rpm
libpng-devel-1.2.7-3.el4.i386.rpm
x86_64:
libpng10-1.0.16-3.i386.rpm
libpng10-1.0.16-3.x86_64.rpm
libpng10-devel-1.0.16-3.x86_64.rpm
libpng-1.2.7-3.el4.i386.rpm
libpng-1.2.7-3.el4.x86_64.rpm
libpng-devel-1.2.7-3.el4.x86_64.rpm
SL 5.x
SRPMS:
libpng-1.2.10-7.0.2.src.rpm
i386:
libpng-1.2.10-7.0.2.i386.rpm
libpng-devel-1.2.10-7.0.2.i386.rpm
x86_64:
libpng-1.2.10-7.0.2.i386.rpm
libpng-1.2.10-7.0.2.x86_64.rpm
libpng-devel-1.2.10-7.0.2.i386.rpm
libpng-devel-1.2.10-7.0.2.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|
