Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 565
Alerts This Week
Warning Icon 1 565

Gentoo: GLSA-202305-12 Urgent: libxml2 Risk of Remote Code Execution

gentoo
Calendar Grey April 15, 2008
Scroller Gentoo
Critical Gentoo notice regarding libjpeg vulnerability allowing remote code execution. Update immediately to reduce exposure.
A vulnerability in libpng may allow for execution of arbitrary code in certain applications that handle untrusted images.

Summary

Gentoo Linux Security Advisory GLSA 200804-15 https://security.gentoo.org/ Severity: High Title: libpng: Execution of arbitrary code Date: April 15, 2008 Bugs: #217047 ID: 200804-15

Synopsis ======= A vulnerability in libpng may allow for execution of arbitrary code in certain applications that handle untrusted images.
Background ========= libpng is a free ANSI C library used to process and manipulate PNG images.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libpng < 1.2.26-r1 >= 1.2.26-r1
========== Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround