FEDORA-2015-1d87313b7c created by pghmcfc 4 years ago for Fedora 23
stable

An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981).

Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact (CVE-2015-8126).

Also includes various other small bug fixes as detailed in the package changelog.

How to install

sudo dnf upgrade --advisory=FEDORA-2015-1d87313b7c

This update has been submitted for testing by pghmcfc.

4 years ago

This update has been pushed to testing.

4 years ago

pghmcfc edited this update.

4 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by pghmcfc.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
modified
4 years ago
BZ#1276416 CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123
0
0
BZ#1276417 CVE-2015-7981 libpng10: libpng: Out-of-bounds read in png_convert_to_rfc1123 [fedora-all]
0
0
BZ#1281756 CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
0
0
BZ#1282039 CVE-2015-8126 libpng10: libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions [fedora-all]
0
0

Automated Test Results