Synopsis: Moderate: libpng security update Issue date: 2007-05-17 CVE Names: CVE-2006-5793 CVE-2007-2445 A flaw was found in the handling of malformed images in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was manipulated. (CVE-2007-2445) A flaw was found in the sPLT chunk handling code in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was opened. (CVE-2006-5793) SL 3.0.x SRPMS: libpng-1.2.2-27.src.rpm libpng10-1.0.13-17.src.rpm i386: libpng10-1.0.13-17.i386.rpm libpng10-devel-1.0.13-17.i386.rpm libpng-1.2.2-27.i386.rpm libpng-devel-1.2.2-27.i386.rpm x86_64: libpng10-1.0.13-17.i386.rpm libpng10-1.0.13-17.x86_64.rpm libpng10-devel-1.0.13-17.x86_64.rpm libpng-1.2.2-27.i386.rpm libpng-1.2.2-27.x86_64.rpm libpng-devel-1.2.2-27.x86_64.rpm SL 4.x SRPMS: libpng-1.2.7-3.el4.src.rpm libpng10-1.0.16-3.src.rpm i386: libpng10-1.0.16-3.i386.rpm libpng10-devel-1.0.16-3.i386.rpm libpng-1.2.7-3.el4.i386.rpm libpng-devel-1.2.7-3.el4.i386.rpm x86_64: libpng10-1.0.16-3.i386.rpm libpng10-1.0.16-3.x86_64.rpm libpng10-devel-1.0.16-3.x86_64.rpm libpng-1.2.7-3.el4.i386.rpm libpng-1.2.7-3.el4.x86_64.rpm libpng-devel-1.2.7-3.el4.x86_64.rpm SL 5.x SRPMS: libpng-1.2.10-7.0.2.src.rpm i386: libpng-1.2.10-7.0.2.i386.rpm libpng-devel-1.2.10-7.0.2.i386.rpm x86_64: libpng-1.2.10-7.0.2.i386.rpm libpng-1.2.10-7.0.2.x86_64.rpm libpng-devel-1.2.10-7.0.2.i386.rpm libpng-devel-1.2.10-7.0.2.x86_64.rpm -Connie Sieh -Troy Dawson