Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 556
Alerts This Week
Warning Icon 1 556

Fedora 23: libpng10 Critical Update - CVE-2015-8126 Buffer Overflow

fedora
Calendar Grey December 18, 2015
Dist Fedora Esm H88
Red Hat Security Advisory for libjpeg62 concerning CVE-9123 as a result of prior patching inadequacies, necessitating prompt attention.
The fix for CVE-8126 was incomplete in the previous 1.0.64 update.

Summary

The libpng10 package contains an old version of libpng, a library of functions

for creating and manipulating PNG (Portable Network Graphics) image format

files.

This package is needed if you want to run binaries that were linked dynamically

with libpng 1.0.x.

Update Information:

The fix for CVE-8126 was incomplete in the previous 1.0.64 update.

Change Log

References


[ 1 ] Bug #1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions https://bugzilla.redhat.com/show_bug.cgi?id=1281756

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update libpng10' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libpng10
Product: Fedora 23
Version: 1.0.65
Release: 1.fc23
Summary: Old version of libpng, needed to run old binaries

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.