Linux Security
    Linux Security
    Linux Security

    Fedora: 2,1: libpng 1.0 Denial of service vulnerability

    Date
    2456
    Posted By
    An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code when opened by a victim.
    
    CORE 2:
    
    Fedora Update Notification
    FEDORA-2004-176
    2004-06-18
    ---------------------------------------------------------------------
     
    Product     : Fedora Core 2
    Name        : libpng10
    Version     : 1.0.15
    Release     : 5
    Summary     : Old version of libpng, needed to run old binaries.
    Description :
    The libpng10 package contains an old version of libpng, a library of
    functions for creating and manipulating PNG (Portable Network Graphics)
    image format files.
     
    This package is needed if you want to run binaries that were linked
    dynamically
    with libpng 1.0.x.
     
    ---------------------------------------------------------------------
    Update Information:
     
    During an audit of Red Hat Linux updates, the Fedora Legacy team found a
    security issue in libpng that had not been fixed in Fedora Core. An
    attacker could carefully craft a PNG file in such a way that
    it would cause an application linked to libpng to crash or potentially
    execute arbitrary code when opened by a victim.
    ---------------------------------------------------------------------
     
    ---------------------------------------------------------------------
    This update can be downloaded from:
       https://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
     
    e061938ff40d4b6d79d6a2867fade179  SRPMS/libpng10-1.0.15-5.src.rpm
    10a4be8fa833afdd2c6c93452b9a81d8  x86_64/libpng10-1.0.15-5.x86_64.rpm
    cf1d624c20f1ec1b56247c2b996c7d0e 
    x86_64/libpng10-devel-1.0.15-5.x86_64.rpm
    249c40e90cad1abf55fdf689d4f96cba 
    x86_64/debug/libpng10-debuginfo-1.0.15-5.x86_64.rpm
    070b4e3eab29bbf9915f9220e5430db5  i386/libpng10-1.0.15-5.i386.rpm
    0d058440eb04087b8db8c9652d9a6fe5  i386/libpng10-devel-1.0.15-5.i386.rpm
    2007c462b58b07032c2040080690b508 
    i386/debug/libpng10-debuginfo-1.0.15-5.i386.rpm
     
    This update can also be installed with the Update Agent; you can
    launch the Update Agent with the 'up2date' command.
    
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
    CORE 1:
    
    Fedora Update Notification
    FEDORA-2004-174
    2004-06-18
    ---------------------------------------------------------------------
     
    Product     : Fedora Core 1
    Name        : libpng10
    Version     : 1.0.15
    Release     : 4
    Summary     : Old version of libpng, needed to run old binaries.
    Description :
    The libpng10 package contains an old version of libpng, a library of
    functions for creating and manipulating PNG (Portable Network Graphics)
    image format files.
     
    This package is needed if you want to run binaries that were linked
    dynamically
    with libpng 1.0.x.
     
    ---------------------------------------------------------------------
    Update Information:
     
    During an audit of Red Hat Linux updates, the Fedora Legacy team found a
    security issue in libpng that had not been fixed in Fedora Core. An
    attacker could carefully craft a PNG file in such a way that
    it would cause an application linked to libpng to crash or potentially
    execute arbitrary code when opened by a victim.
     
    ---------------------------------------------------------------------
     
    ---------------------------------------------------------------------
    This update can be downloaded from:
       https://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
     
    27291030c4b45837604fa29ea1ba63af  SRPMS/libpng10-1.0.15-4.src.rpm
    373999494fd66d5110f30cc13f23afdf  x86_64/libpng10-1.0.15-4.x86_64.rpm
    c3179356daded13a6f03f5384e201772 
    x86_64/libpng10-devel-1.0.15-4.x86_64.rpm
    0583f6e917579a841183ade07772ee71 
    x86_64/debug/libpng10-debuginfo-1.0.15-4.x86_64.rpm
    c340858b643a92beb4ab16bcfff55e6c  i386/libpng10-1.0.15-4.i386.rpm
    4642cf8bafa073269763964a85ef5139  i386/libpng10-devel-1.0.15-4.i386.rpm
    67b64172374624083b436c49d0ae7a8a 
    i386/debug/libpng10-debuginfo-1.0.15-4.i386.rpm
     
    This update can also be installed with the Update Agent; you can
    launch the Update Agent with the 'up2date' command.
    
    

    Advisories

    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/37-how-are-you-contributing-to-open-source?task=poll.vote&format=json
    37
    radio
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.