Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200405-06 (libpng)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54566

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200405-06 (libpng)

Resumen: The remote host is missing updates announced in;advisory GLSA 200405-06.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200405-06.

Vulnerability Insight:
A bug in the libpng library can be abused to crash programs making use of
that library to decode PNG images.

Solution:
All users of libpng should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=media-libs/libpng-1.2.5-r5'
# emerge '>=media-libs/libpng-1.2.5-r5'

You should also run revdep-rebuild to rebuild any packages that depend on
older versions of libpng :

# revdep-rebuild

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0421
http://lists.apple.com/mhonarc/security-announce/msg00056.html
BugTraq ID: 10244
http://www.securityfocus.com/bid/10244
Bugtraq: 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) (Google Search)
http://marc.info/?l=bugtraq&m=108334922320309&w=2
Debian Security Information: DSA-498 (Google Search)
http://www.debian.org/security/2004/dsa-498
http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2
http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:040
http://www.mandriva.com/security/advisories?name=MDKSA-2006:212
http://www.mandriva.com/security/advisories?name=MDKSA-2006:213
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971
http://www.redhat.com/support/errata/RHSA-2004-180.html
http://www.redhat.com/support/errata/RHSA-2004-181.html
http://secunia.com/advisories/22957
http://secunia.com/advisories/22958
http://marc.info/?l=bugtraq&m=108335030208523&w=2
XForce ISS Database: libpng-png-dos(16022)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16022

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54566
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200405-06 (libpng)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200405-06.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200405-06. Vulnerability Insight: A bug in the libpng library can be abused to crash programs making use of that library to decode PNG images. Solution: All users of libpng should upgrade to the latest stable version: # emerge sync # emerge -pv '>=media-libs/libpng-1.2.5-r5' # emerge '>=media-libs/libpng-1.2.5-r5' You should also run revdep-rebuild to rebuild any packages that depend on older versions of libpng : # revdep-rebuild CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0421 http://lists.apple.com/mhonarc/security-announce/msg00056.html BugTraq ID: 10244 http://www.securityfocus.com/bid/10244 Bugtraq: 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) (Google Search) http://marc.info/?l=bugtraq&m=108334922320309&w=2 Debian Security Information: DSA-498 (Google Search) http://www.debian.org/security/2004/dsa-498 http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2 http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:040 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971 http://www.redhat.com/support/errata/RHSA-2004-180.html http://www.redhat.com/support/errata/RHSA-2004-181.html http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://marc.info/?l=bugtraq&m=108335030208523&w=2 XForce ISS Database: libpng-png-dos(16022) https://exchange.xforce.ibmcloud.com/vulnerabilities/16022
Copyright	Copyright (C) 2008 E-Soft Inc.