[Frugalware-security] [ FSA-296 ] libpng
voroskoi
noreply at frugalware.org
Fri Oct 19 16:43:12 CEST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frugalware Security Advisory FSA-296
Date: 2007-11-19
Package: libpng
Vulnerable versions: <= 1.2.20-1
Unaffected versions: >= 1.2.22-1sayshell1
Related bugreport: http://bugs.frugalware.org/task/2475
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
Description
===========
Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency extension, and an incorrect use of sizeof() may be exploited to crash an application using the library.
2) Various out-of-bounds read errors exist within the functions "png_handle_pCAL()", "png_handle_sCAL()", "png_push_read_tEXt()", "png_handle_iTXt()", and "png_handle_ztXt()", which may be exploited by exploited to crash an application using the library.
3) The vulnerability is caused due to an off-by-one error within the ICC profile chunk handling, which potentially can be exploited to crash an application using the library.
Updated Packages
================
Check if you have libpng installed:
# pacman-g2 -Q libpng
If found, then you should upgrade to the latest version:
# pacman-g2 -Sy libpng
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info
iD8DBQFHGMJ/Z7NElSD1VhkRAlmrAJ92iTNWcbVQPuhwTaK1cjMIA/mmgwCdEDu8
4Mnr0H3I/CCIUzXVSsimBBQ=
=qq8r
-----END PGP SIGNATURE-----
More information about the Frugalware-security
mailing list