MandrivaUsers.org > Security Advisory (MDKSA-2004:040): libpng

Full Version: Security Advisory (MDKSA-2004:040): libpng

MandrivaUsers.org > Announcements > Mandriva Security Advisories

aru

Apr 30 2004, 12:13 AM

MandrakeSoft Security Advisory MDKSA-2004:040 : libpng

April 29th, 2004
Updated libpng packages fix vulnerability

Steve Grubb discovered that libpng would access memory that is out of bounds when creating an error message. The impact of this bug is not clear, but it could lead to a core dump in a program using libpng, or could result in a DoS (Denial of Service) condition in a daemon that uses libpng to process PNG imagaes.

The updated packages are patched to correct the vulnerability.

The released versions of Mandrake GNU/Linux affected are:

9.1
9.2
9.2/AMD64
Multi Network Firewall 8.2
Corporate Server 2.1
10.0

Full information about this advisory, including the updated packages, is available at:
www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:040

Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0421

Posted automatically by aru (mdksec2mub v0.0.8)

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.