ArchLinux: 201701-2: libpng: denial of service
Summary
A NULL pointer dereference has been found in png_set_text_2() in libpng versions >= 0.71 and <= 1.6.26. To be vulnerable, an application has to load a text chunk into the png structure, then delete all text, and then add another text chunk to the same png structure.
Resolution
Upgrade to 1.6.27-1.
# pacman -Syu "libpng>=1.6.27-1"
The problem has been fixed upstream in version 1.6.27.
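The following is an added example, not part of the original advisory: a shell helper that classifies a libpng version string against the range given above (vulnerable from 0.71 through 1.6.26, fixed in 1.6.27). The function names are hypothetical, and the comparison assumes GNU sort with -V support.

```shell
#!/bin/sh
# Added example: classify a libpng version against this advisory's range.
# Assumes GNU coreutils (sort -V). Function names are illustrative.

# ver_le A B: succeeds when A <= B in version order.
ver_le() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# libpng_status VERSION: prints vulnerable, fixed, not-affected or unknown.
# Accepts pacman-style strings such as "1.6.26-1" or "1:1.6.26-1".
libpng_status() {
    v=${1#*:}     # drop an epoch prefix if present
    v=${v%%-*}    # drop the pkgrel suffix
    case $v in
        ''|*[!0-9.]*)
            # Refuse anything that is not a plain dotted number
            # (for example beta or rc tags) instead of guessing.
            echo "unknown"
            return 2
            ;;
    esac
    if ! ver_le 0.71 "$v"; then
        echo "not-affected"     # older than the first affected release
    elif ver_le "$v" 1.6.26; then
        echo "vulnerable"       # inside 0.71 .. 1.6.26
    else
        echo "fixed"            # 1.6.27 or later
    fi
}

# On an Arch system the installed version can be passed in like this:
#   libpng_status "$(pacman -Q libpng | awk '{print $2}')"
```

Applications that bundle or statically link their own copy of libpng are not covered by the package version and need to be checked separately.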
References
https://seclists.org/oss-sec/2016/q4/782
https://security.archlinux.org/CVE-2016-10087
Workaround
None.