An underflow read was found in png_check_keyword in libpng10. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image.
The fix for CVE-8126 was incomplete in the previous 1.0.64 update.
sudo dnf upgrade --advisory=FEDORA-EPEL-2015-26f2bb9749
|submitted||3 years ago|
|in testing||3 years ago|
|in stable||3 years ago|
|0||0||#1281756 CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions|
|0||0||#1281759 CVE-2015-8126 libpng10: libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions [epel-6]|
|0||0||#1288264 libpng10-1.0.65 is available|
|0||0||#1291312 CVE-2015-8540 libpng: underflow read in png_check_keyword()|
|0||0||#1291318 CVE-2015-8540 libpng10: libpng: underflow read in png_check_keyword() [epel-6]|
|0||0||#1292648 libpng10-1.0.66 is available|