Описание
ELSA-2007-0356: Moderate: libpng security update (MODERATE)
libpng-1.2.7-3.el4:
[1.2.7-3.el4]
- Add patch to fix CVE-2006-5793 Resolves: #215405
[1.2.7-2.el4]
- Add patch to fix CVE-2007-2445 Resolves: #239543
libpng10-1.0.16-3:
[1.0.16-3]
- Add patch to fix CVE-2006-5793 Resolves: #215405
[1.0.16-2]
- Add patch to fix CVE-2007-2445 Resolves: #239543
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
libpng
1.2.10-7.0.2
libpng-devel
1.2.10-7.0.2
Oracle Linux i386
libpng
1.2.10-7.0.2
libpng-devel
1.2.10-7.0.2
Связанные CVE
Связанные уязвимости
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in li ...
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.