
Advisories MDVSA-2010:133: libpng


paul

Multiple vulnerabilities have been found and corrected in libpng:

 

Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file (CVE-2008-6218).

 

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row (CVE-2010-1205).

 

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks (CVE-2010-2249).

 

As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird have been patched as a precaution for 2008.0, whereas on 2009.0 and up the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages are therefore also being provided with this advisory.

 

Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

The updated packages have been patched to correct these issues.

This topic is now closed to further replies.
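
The advisory's concern about bundled libpng copies (htmldoc, xulrunner, mozilla-thunderbird) can be checked on other binaries with the added example below, which is not part of the advisory or of Mandriva's tooling. It assumes the build still carries libpng's embedded "libpng version X.Y.Z" banner string, and it covers only the ranges given for CVE-2010-1205 and CVE-2010-2249; the function names and sample bytes are constructed for illustration.

```python
import re
import sys

# Banner text libpng compiles into its builds (assumption: not stripped).
BANNER = re.compile(rb"libpng version (\d+)\.(\d+)\.(\d+)((?:beta|rc)\d+)?")


def is_affected(version, prerelease=False):
    """True if version is in the advisory's ranges for CVE-2010-1205/-2249:
    before 1.2.44, or 1.4.x before 1.4.3."""
    # A beta/rc of X.Y.Z precedes the X.Y.Z release, so it sorts just below it.
    key = tuple(version) + ((0,) if prerelease else (1,))
    if tuple(version[:2]) == (1, 4):
        return key < (1, 4, 3, 1)
    # Branches above 1.2 other than 1.4 are outside the ranges the advisory lists.
    return key < (1, 2, 44, 1)


def find_libpng_builds(blob):
    """Return sorted unique (version_string, affected) pairs found in blob."""
    found = set()
    for m in BANNER.finditer(blob):
        ver = tuple(int(g) for g in m.group(1, 2, 3))
        pre = m.group(4)
        text = ".".join(map(str, ver)) + (pre.decode() if pre else "")
        found.add((text, is_affected(ver, pre is not None)))
    return sorted(found)


# Constructed sample bytes standing in for a binary with a bundled copy.
SAMPLE_BUNDLED = b"\x7fELF\x00\x01 libpng version 1.2.37 - sample\n\x00tail"
SAMPLE_CURRENT = b"\x7fELF\x00\x01 libpng version 1.4.3 - sample\n\x00tail"

if __name__ == "__main__":
    # Usage: python scan_libpng.py /path/to/binary [...]
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            for ver, bad in find_libpng_builds(fh.read()):
                state = "in affected range" if bad else "not in affected range"
                print(f"{path}: libpng {ver} ({state})")
```

A hit is a prompt to check the package changelog, not proof of exposure: distribution packages such as the ones in this advisory are patched without necessarily changing the upstream version banner.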