Paketname
libpng
Datum
2012-03-21
Advisory ID
MDVSA-2012:033
Betroffene Versionen
MES5 i586 , 2010.1 i586 , 2011 x86_64 , 2011 i586 , MES5 x86_64 , 2010.1 x86_64

Problembeschreibung

A vulnerability has been found and corrected in libpng:

A heap-based buffer overflow flaw was found in the way libpng
processed compressed chunks in PNG image files. An attacker could
create a specially-crafted PNG image file that, when opened, could
cause an application using libpng to crash or, possibly, execute
arbitrary code with the privileges of the user running the application
(CVE-2011-3045).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

MES5 i586

 07faa832f20210363428303e08ef79a3  mes5/i586/libpng3-1.2.31-2.6mdvmes5.2.i586.rpm
 3e6864bd079b3660a51ce0349f20b4d4  mes5/i586/libpng-devel-1.2.31-2.6mdvmes5.2.i586.rpm
 a35695f0cf2a116934af8fe7b3f79136  mes5/i586/libpng-source-1.2.31-2.6mdvmes5.2.i586.rpm
 c2c93688dee244bd34767e357a9f21c0  mes5/i586/libpng-static-devel-1.2.31-2.6mdvmes5.2.i586.rpm 
 91d76d5d157fe37b484346fd9cbe3193  mes5/SRPMS/libpng-1.2.31-2.6mdvmes5.2.src.rpm

2010.1 i586

 8ce1692699d6340c722609687b3c1d43  2010.1/i586/libpng3-1.2.43-1.4mdv2010.2.i586.rpm
 efde5d68e7a3689383583673a41837b4  2010.1/i586/libpng-devel-1.2.43-1.4mdv2010.2.i586.rpm
 3b49b9d4300101a2ad6d4dbe76ea3951  2010.1/i586/libpng-source-1.2.43-1.4mdv2010.2.i586.rpm
 a3dc5c7022ca1efdcd50c7a1b30e098f  2010.1/i586/libpng-static-devel-1.2.43-1.4mdv2010.2.i586.rpm 
 22b3f3635669c5380e721b6040e1e793  2010.1/SRPMS/libpng-1.2.43-1.4mdv2010.2.src.rpm

2011 x86_64

 6216d1abe8dbb599584ba3cd4ad602bf  2011/x86_64/lib64png3-1.2.46-1.2-mdv2011.0.x86_64.rpm
 22cddc6d3e4c24f5c1aae64161935dc1  2011/x86_64/lib64png-devel-1.2.46-1.2-mdv2011.0.x86_64.rpm
 631967367a20801088b59460b19efe8b  2011/x86_64/lib64png-static-devel-1.2.46-1.2-mdv2011.0.x86_64.rpm
 0d7fe6c6bebe813a817a20b0257a74cc  2011/x86_64/libpng-source-1.2.46-1.2-mdv2011.0.x86_64.rpm 
 4c1d2893ef6ebe27cd7b64344d40a1a1  2011/SRPMS/libpng-1.2.46-1.2.src.rpm

2011 i586

 ff171bb221ac51862059bb56f17af8c1  2011/i586/libpng3-1.2.46-1.2-mdv2011.0.i586.rpm
 eb5a2bb97aff9550a74688a4561ee318  2011/i586/libpng-devel-1.2.46-1.2-mdv2011.0.i586.rpm
 941755ad12b007dab7228ff811215ae1  2011/i586/libpng-source-1.2.46-1.2-mdv2011.0.i586.rpm
 8f66b00517da98d71c4415a103b964b2  2011/i586/libpng-static-devel-1.2.46-1.2-mdv2011.0.i586.rpm 
 4c1d2893ef6ebe27cd7b64344d40a1a1  2011/SRPMS/libpng-1.2.46-1.2.src.rpm

MES5 x86_64

 05b845a052ed531a89be93bbf742a037  mes5/x86_64/lib64png3-1.2.31-2.6mdvmes5.2.x86_64.rpm
 10c36ffcc0ea0f7aadf912be3c5e8edb  mes5/x86_64/lib64png-devel-1.2.31-2.6mdvmes5.2.x86_64.rpm
 5fe9bc6baf91438cc6a0e14523b22545  mes5/x86_64/lib64png-static-devel-1.2.31-2.6mdvmes5.2.x86_64.rpm
 f732953c75a16a6d30cc7da2908243ac  mes5/x86_64/libpng-source-1.2.31-2.6mdvmes5.2.x86_64.rpm 
 91d76d5d157fe37b484346fd9cbe3193  mes5/SRPMS/libpng-1.2.31-2.6mdvmes5.2.src.rpm

2010.1 x86_64

 4dd51c05e94490929f61988410c5b639  2010.1/x86_64/lib64png3-1.2.43-1.4mdv2010.2.x86_64.rpm
 f5724667312bb3c83c2525c32890490c  2010.1/x86_64/lib64png-devel-1.2.43-1.4mdv2010.2.x86_64.rpm
 0dd3ec66bbc8205965d63bdafa794741  2010.1/x86_64/lib64png-static-devel-1.2.43-1.4mdv2010.2.x86_64.rpm
 bc35032a8bc5b584b354ba35e8b2a177  2010.1/x86_64/libpng-source-1.2.43-1.4mdv2010.2.x86_64.rpm 
 22b3f3635669c5380e721b6040e1e793  2010.1/SRPMS/libpng-1.2.43-1.4mdv2010.2.src.rpm

Referenzen