MDKSA-2004:079
- Package name: libpng
- Date: 2004-08-04
- Advisory ID: MDKSA-2004:079
- Affected versions: 9.2 amd64, CS2.1 x86_64, 10.0 amd64, CS2.1 i586, 10.0 i586, 9.2 i586, 9.1 i586, MNF8.2 i586, 9.1 ppc
Problem description
Chris Evans discovered numerous vulnerabilities in the libpng graphics library, including a remotely exploitable stack-based buffer overrun in the png_handle_tRNS function, dangerous code in png_handle_sBIT, a possible NULL-pointer crash in png_handle_iCCP (which is also duplicated in multiple other locations), a theoretical integer overflow in png_read_png, and integer overflows during progressive reading. All users are encouraged to upgrade immediately.
Updated packages
9.2 amd64
- ce8a91d600fba2cdcc4cbfa73528f0cd amd64/9.2/RPMS/lib64png3-1.2.5-7.5.92mdk.amd64.rpm
- 231a4e5d6f11d262bb5bc6b7563ad93f amd64/9.2/RPMS/lib64png3-devel-1.2.5-7.5.92mdk.amd64.rpm
- 1f63ad149a23fd5f2e9c9007b162235b amd64/9.2/RPMS/lib64png3-static-devel-1.2.5-7.5.92mdk.amd64.rpm
- 9ada13b517e9d757874bd235de565fc8 amd64/9.2/SRPMS/libpng-1.2.5-7.5.92mdk.src.rpm
CS2.1 x86_64
- bb2f7ccff93adcf0f466cb4741f09440 x86_64/corporate/2.1/RPMS/libpng3-1.2.4-3.7.C21mdk.x86_64.rpm
- 22bd27f48fa0fd1e0510c3066ab67325 x86_64/corporate/2.1/RPMS/libpng3-devel-1.2.4-3.7.C21mdk.x86_64.rpm
- 769bb0aa09bf26b1ff64a9cd5e5a452e x86_64/corporate/2.1/RPMS/libpng3-static-devel-1.2.4-3.7.C21mdk.x86_64.rpm
- e37d6b112471f9fbd39eee11db336a8e x86_64/corporate/2.1/SRPMS/libpng-1.2.4-3.7.C21mdk.src.rpm
10.0 amd64
- 7f4dbf94ab247849e8efb3034c6bb046 amd64/10.0/RPMS/lib64png3-1.2.5-10.5.100mdk.amd64.rpm
- 7f2e23c89e39423b2499798cad32fc13 amd64/10.0/RPMS/lib64png3-devel-1.2.5-10.5.100mdk.amd64.rpm
- ac6b7e03e3e816efa8744816d596338f amd64/10.0/RPMS/lib64png3-static-devel-1.2.5-10.5.100mdk.amd64.rpm
- 5402d26cab5f03469f22f10e7279a64f amd64/10.0/SRPMS/libpng-1.2.5-10.5.100mdk.src.rpm
CS2.1 i586
- 6cf56378665f973c6b96a487db31f2df corporate/2.1/RPMS/libpng3-1.2.4-3.7.C21mdk.i586.rpm
- 4dfb84e68f30cc4de1ddf2085ef74ebd corporate/2.1/RPMS/libpng3-devel-1.2.4-3.7.C21mdk.i586.rpm
- 68adca80324ccf10ecf386466673ff5e corporate/2.1/RPMS/libpng3-static-devel-1.2.4-3.7.C21mdk.i586.rpm
- e37d6b112471f9fbd39eee11db336a8e corporate/2.1/SRPMS/libpng-1.2.4-3.7.C21mdk.src.rpm
10.0 i586
- 5f2e0ce336d0854b79426e3ee2fc9c1c 10.0/RPMS/libpng3-1.2.5-10.5.100mdk.i586.rpm
- a08aee71d41f2fd270e657053ed16a18 10.0/RPMS/libpng3-devel-1.2.5-10.5.100mdk.i586.rpm
- 997b909be31340ab48a5c8266364d9f1 10.0/RPMS/libpng3-static-devel-1.2.5-10.5.100mdk.i586.rpm
- 5402d26cab5f03469f22f10e7279a64f 10.0/SRPMS/libpng-1.2.5-10.5.100mdk.src.rpm
9.2 i586
- 73dcbcff5ec15f8d0c683e85357ba292 9.2/RPMS/libpng3-1.2.5-7.5.92mdk.i586.rpm
- 7d1493bececc9a48b84061b3eae8d92f 9.2/RPMS/libpng3-devel-1.2.5-7.5.92mdk.i586.rpm
- 32d8f720ff4f9e2dcfd7e07a7f3b221c 9.2/RPMS/libpng3-static-devel-1.2.5-7.5.92mdk.i586.rpm
- 9ada13b517e9d757874bd235de565fc8 9.2/SRPMS/libpng-1.2.5-7.5.92mdk.src.rpm
9.1 i586
- 6fd39e5ee6bc8dc031bf3ea4608b2dcf 9.1/RPMS/libpng3-1.2.5-2.5.91mdk.i586.rpm
- e29e3f15812654860e80987ff169ed0a 9.1/RPMS/libpng3-devel-1.2.5-2.5.91mdk.i586.rpm
- f8fbbf2d3bd57ffb967a12fa84806793 9.1/RPMS/libpng3-static-devel-1.2.5-2.5.91mdk.i586.rpm
- c1f995c1738591bf1436386c19f220f8 9.1/SRPMS/libpng-1.2.5-2.5.91mdk.src.rpm
MNF8.2 i586
- f8ec19565a938e22f23e39b444d208a2 mnf8.2/RPMS/libpng3-1.2.4-3.7.M82mdk.i586.rpm
- 99b28bb4446212b3cf099640a876c44e mnf8.2/SRPMS/libpng-1.2.4-3.7.M82mdk.src.rpm
9.1 ppc
- db141bfa829164296790fc5ecaeca8af ppc/9.1/RPMS/libpng3-1.2.5-2.5.91mdk.ppc.rpm
- cf12eb035d71e045bca05a351d2e12b5 ppc/9.1/RPMS/libpng3-devel-1.2.5-2.5.91mdk.ppc.rpm
- 37ed0b8a240466482f3e3e079397aca3 ppc/9.1/RPMS/libpng3-static-devel-1.2.5-2.5.91mdk.ppc.rpm
- c1f995c1738591bf1436386c19f220f8 ppc/9.1/SRPMS/libpng-1.2.5-2.5.91mdk.src.rpm
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
- http://www.cert.org/advisories/388984
- http://www.cert.org/advisories/236656
- http://www.cert.org/advisories/160448
- http://www.cert.org/advisories/477512
- http://www.cert.org/advisories/286464
- http://www.cert.org/advisories/817368
