[Frugalware-security] [ FSA-296 ] libpng
noreply at frugalware.org
Fri Oct 19 16:43:12 CEST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Frugalware Security Advisory FSA-296
Vulnerable versions: <= 1.2.20-1
Unaffected versions: >= 1.2.22-1sayshell1
Related bugreport: http://bugs.frugalware.org/task/2475
Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency extension, and an incorrect use of sizeof() may be exploited to crash an application using the library.
2) Various out-of-bounds read errors exist within the functions "png_handle_pCAL()", "png_handle_sCAL()", "png_push_read_tEXt()", "png_handle_iTXt()", and "png_handle_ztXt()", which may be exploited by exploited to crash an application using the library.
3) The vulnerability is caused due to an off-by-one error within the ICC profile chunk handling, which potentially can be exploited to crash an application using the library.
Check if you have libpng installed:
# pacman-g2 -Q libpng
If found, then you should upgrade to the latest version:
# pacman-g2 -Sy libpng
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info
-----END PGP SIGNATURE-----
More information about the Frugalware-security