stable

libpng10-1.0.64-1.fc23

FEDORA-2015-1d87313b7c created by pghmcfc 8 years ago for Fedora 23

An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981).

Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact (CVE-2015-8126).

Also includes various other small bug fixes as detailed in the package changelog.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-1d87313b7c

This update has been submitted for testing by pghmcfc.

8 years ago

This update has been pushed to testing.

8 years ago

pghmcfc edited this update.

8 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

This update has been submitted for stable by pghmcfc.

8 years ago

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
modified
8 years ago
BZ#1276416 CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123
0
0
BZ#1276417 CVE-2015-7981 libpng10: libpng: Out-of-bounds read in png_convert_to_rfc1123 [fedora-all]
0
0
BZ#1281756 CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
0
0
BZ#1282039 CVE-2015-8126 libpng10: libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions [fedora-all]
0
0

Automated Test Results