Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

Fedora 44 libpng15 Critical Heap Buffer Overflow CVE-2026-25646

fedora
Calendar Grey April 25, 2026
Dist Fedora Esm H88
Heap buffer overflow vulnerability resolved in libpng15 for Fedora 44 as detailed in advisory 2026-bcba077d11 ensuring system security and stability
fix CVE-2026-25646: heap buffer overflow in png_set_quantize

Summary

The libpng15 package provides libpng 1.5, an older version of the libpng.

library for manipulating PNG (Portable Network Graphics) image format files.

This version should be used only if you are unable to use the current

version of libpng.

Update Information:

fix CVE-2026-25646: heap buffer overflow in png_set_quantize

Change Log

* Wed Apr 1 2026 Michal Hlavinka - 1.5.30-25 - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (rhbz#2438683)

References


[ 1 ] Bug #2438683 - CVE-2026-25646 libpng15: LIBPNG has a heap buffer overflow in png_set_quantize [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438683

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bcba077d11' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libpng15
Product: Fedora 44
Version: 1.5.30
Release: 25.fc44
Summary: Old version of libpng, needed to run old binaries

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.