Описание
Security update for libpng16
This update for libpng16 fixes the following issues:
- CVE-2025-28162: memory leaks when running
pngimage(bsc#1257364). - CVE-2025-28164: memory leaks when running
pngimage(bsc#1257365). - CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525).
Список пакетов
Container private-registry/harbor-portal:latest
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-3P
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-Basic
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-Standard
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-BYOS
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-BYOS-Azure
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-BYOS-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-BYOS-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-HPC-BYOS
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-HPC-BYOS-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-HPC-BYOS-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-HPC-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-HPC-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Hardened-BYOS
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Hardened-BYOS-Azure
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Hardened-BYOS-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Azure
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Azure-3P
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-BYOS
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-BYOS-Azure
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-BYOS-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-GCE
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-Azure
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-BYOS
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-BYOS-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAP-Hardened-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-SAPCAL
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
Image SLES15-SP6-SAPCAL-Azure
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
Image SLES15-SP6-SAPCAL-GCE
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
Image SLES15-SP7-HPC-BYOS-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP7-HPC-BYOS-GCE
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP7-SAP-Hardened-BYOS-EC2
libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP7-SAPCAL-GCE
libpng16-16-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
libpng16-16-1.6.40-150600.3.9.1
libpng16-16-32bit-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
openSUSE Leap 15.6
libpng16-16-1.6.40-150600.3.9.1
libpng16-16-32bit-1.6.40-150600.3.9.1
libpng16-compat-devel-1.6.40-150600.3.9.1
libpng16-compat-devel-32bit-1.6.40-150600.3.9.1
libpng16-devel-1.6.40-150600.3.9.1
libpng16-devel-32bit-1.6.40-150600.3.9.1
libpng16-tools-1.6.40-150600.3.9.1
Ссылки
- Link for SUSE-SU-2026:0364-1
- E-Mail link for SUSE-SU-2026:0364-1
- SUSE Security Ratings
- SUSE Bug 1257364
- SUSE Bug 1257365
- SUSE CVE CVE-2025-28162 page
- SUSE CVE CVE-2025-28164 page
Описание
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive
Затронутые продукты
Container private-registry/harbor-portal:latest:libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-3P:libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-Basic:libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-Standard:libpng16-16-1.6.40-150600.3.9.1
Ссылки
- CVE-2025-28162
- SUSE Bug 1257364
Описание
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.
Затронутые продукты
Container private-registry/harbor-portal:latest:libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-3P:libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-Basic:libpng16-16-1.6.40-150600.3.9.1
Image SLES15-SP6-Azure-Standard:libpng16-16-1.6.40-150600.3.9.1
Ссылки
- CVE-2025-28164
- SUSE Bug 1257365