FEDORA-EPEL-2011-3664 created by pghmcfc 10 years ago for Fedora EPEL 6
stable

This update fixes a 1-byte uninitialized memory reference in png_format_buffer(). It allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. This is CVE-2011-2501.

Also fixed in this release are some other minor security problems and there's additionally a bugfix backported from 1.5.3: when expanding a paletted image, always expand to RGBA if transparency is present.

This update has been submitted for testing by pghmcfc.

10 years ago

This update has been pushed to testing

10 years ago

pghmcfc has edited this update. New build(s): libpng10-1.0.55-1.el6. Removed build(s): libpng10-1.0.54-3.el6.

10 years ago

This update has been submitted for testing by pghmcfc.

10 years ago

This update has been pushed to testing

10 years ago

This update has been submitted for stable by pghmcfc.

10 years ago

This update has been pushed to stable

10 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
10 years ago
in testing
10 years ago
in stable
10 years ago
modified
10 years ago
BZ#717084 CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+
0
0
BZ#717513 CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+ [epel-6]
0
0
BZ#720607 CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray
0
0
BZ#720608 CVE-2011-2691 libpng: Crash in png_default_error due to use of NULL Pointer
0
0
BZ#720612 CVE-2011-2692 libpng: Invalid read when handling empty sCAL chunks
0
0
BZ#721310 CVE-2011-2690 CVE-2011-2692 libpng10 various flaws [epel-6]
0
0

Automated Test Results