| Description: | Description:
The remote host is missing an update to libpng
announced via advisory FEDORA-2007-2666.
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files. PNG
is a bit-mapped graphics format similar to the GIF format. PNG was
created to replace the GIF format, since GIF uses a patented data
compression algorithm.
Libpng should be installed if you need to manipulate PNG format image
files.
ChangeLog:
* Thu Oct 18 2007 Tom Lane 2:1.2.22-1
- Update to libpng 1.2.22, primarily to fix CVE-2007-5269
Related: #324771
- Update License tag
* Wed May 23 2007 Tom Lane 2:1.2.16-2
- Add patch to fix CVE-2007-2445
Related: #239542
References:
[ 1 ] Bug #337461 - CVE-2007-5269 libpng DoS via multiple out-of-bounds reads [F7]
https://bugzilla.redhat.com/show_bug.cgi?id=337461
[ 2 ] CVE-2007-5269
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
Updated packages:
2cdfd6b92a9fffeefbdce60fcddde452edb75aaf libpng-1.2.22-1.fc7.ppc64.rpm
658fac8d256cd3c97a65f65b3536585a93161ec4 libpng-devel-1.2.22-1.fc7.ppc64.rpm
693a47154913ae78ba8fb267c97d45eda50b2e60 libpng-debuginfo-1.2.22-1.fc7.ppc64.rpm
9803281a0957e1b33e8e36391130aa7367ae1807 libpng-static-1.2.22-1.fc7.ppc64.rpm
80d621b0f0b9f3e43e96d6fa107e6e287e130b62 libpng-devel-1.2.22-1.fc7.i386.rpm
33aaa7092550fb211689f6fc46a383045d0e9788 libpng-debuginfo-1.2.22-1.fc7.i386.rpm
f4055c459e1780b71fcb45fd99a6cba06c51635e libpng-1.2.22-1.fc7.i386.rpm
eb39a8b5adb4542b712a29e98a9545229f7927ab libpng-static-1.2.22-1.fc7.i386.rpm
8252f38537f6af003eebe5ae08a3a33e218e8754 libpng-debuginfo-1.2.22-1.fc7.x86_64.rpm
10c3d1160d11994d1873fee515cddcc9ba3bc57a libpng-devel-1.2.22-1.fc7.x86_64.rpm
b8590897aac036d63855eea510edea2b55bbb9af libpng-static-1.2.22-1.fc7.x86_64.rpm
6410cae8c1acdc1ef04d0688d5a5b8f1bf330a90 libpng-1.2.22-1.fc7.x86_64.rpm
954263fd7565757de7b6dd3448bf49c847052882 libpng-devel-1.2.22-1.fc7.ppc.rpm
3bae37ae9fd4176f84fd06d6736788798f530eec libpng-1.2.22-1.fc7.ppc.rpm
a73d283a926db4a7fb95b18e7adda4b0e134bdbd libpng-debuginfo-1.2.22-1.fc7.ppc.rpm
41761795c2fb360b0bb18d41f9707cb56180881c libpng-static-1.2.22-1.fc7.ppc.rpm
aecf2aff2f1b8d41b1323362598bb5ee22b196d4 libpng-1.2.22-1.fc7.src.rpm
This update can be installed with the yum update program. Use
su -c 'yum update libpng'
at the command line. For more information, refer to Managing Software
with yum, available at http://docs.fedoraproject.org/yum/.
Solution: Apply the appropriate updates.
http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2666
Risk factor : Medium
CVSS Score:
5.0
|
