Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora Core 2: 2004-175 Critical: Libpng Denial Of Service

fedora
Calendar Grey June 21, 2004
Dist Fedora Esm H88
Important Fedora security patch regarding libpng addresses vulnerabilities that could lead to OS instability from malicious PNG images; updates ready for deployment.
An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code.

Summary

The libpng package contains a library of functions for creating and

manipulating PNG (Portable Network Graphics) image format files. PNG

is a bit-mapped graphics format similar to the GIF format. PNG was

created to replace the GIF format, since GIF uses a patented data

compression algorithm.

Libpng should be installed if you need to manipulate PNG format image

files.

The libpng package contains a library of functions for creating and

manipulating PNG (Portable Network Graphics) image format files. PNG

is a bit-mapped graphics format similar to the GIF format. PNG was

created to replace the GIF format, since GIF uses a patented data

compression algorithm.

Libpng should be installed if you need to manipulate PNG format image

files.

Update Information:

During an audit of Red Hat Linux updates, the Fedora Legacy team found a security issue in libpng that had not been fixed in Fedora Core. An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code when opened by a victim.

This update can be downloaded from:

7110a37d68c8c40e714a1ac98968bf8c SRPMS/libpng-1.2.5-5.src.rpm 459fcd366522dc38efb4a652d8def823 x86_64/libpng-1.2.5-5.x86_64.rpm 4d7c8e03855acd7b9becbe4346018696 x86_64/libpng-devel-1.2.5-5.x86_64.rpm 57c26ab46c584b6f0f988158d898c054 x86_64/debug/libpng-debuginfo-1.2.5-5.x86_64.rpm 9d383cea2fa4aef94fa80531214707bd x86_64/libpng-1.2.5-5.i386.rpm f880999528679481d1c6ff76559a3049 x86_64/libpng-devel-1.2.5-5.i386.rpm 213aeb2882f3ebba9859367b46e64849 x86_64/debug/libpng-debuginfo-1.2.5-5.i386.rpm9d383cea2fa4aef94fa80531214707bd i386/libpng-1.2.5-5.i386.rpm f880999528679481d1c6ff76559a3049 i386/libpng-devel-1.2.5-5.i386.rpm 213aeb...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service fedora critical software update libpng

Change Log

References

CORE 2:
Fedora Update Notification FEDORA-2004-175 2004-06-18 Product : Fedora Core 2 Name : libpng Version : 1.2.5 Release : 5 Summary : A library of functions for manipulating PNG image format files. Description : The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files.

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora Core 2
Name: libpng
Version: 1.2.5
Release: 5
Summary: A library of functions for manipulating PNG image format
Product: Fedora Core 1
Name: libpng
Version: 1.2.5
Release: 4
Summary: A library of functions for manipulating PNG image format

Topics%20covered

Topics Covered

security advisory denial of service fedora critical software update libpng

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here