Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Oracle Linux 10: ELSA-2026-0237 libpng Important Buffer Overflow Fix

oracle
Calendar Grey January 8, 2026
Oracle Linux Logo Esm H88
Oracle Linux 10 security advisory for libpng highlights important updates due to critical buffer overflows and out-of-bounds issues.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[2:1.6.40-8.1] - CVE-2025-64720: buffer overflow (RHEL-131422) - CVE-2025-65018: heap buffer overflow (RHEL-131435) - CVE-2025-66293: out-of-bounds read in png_image_read_composite (RHEL-133212)

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/libpng-1.6.40-8.el10_1.1.src.rpm

x86_64

libpng-1.6.40-8.el10_1.1.x86_64.rpm libpng-devel-1.6.40-8.el10_1.1.x86_64.rpm

aarch64

libpng-1.6.40-8.el10_1.1.aarch64.rpm libpng-devel-1.6.40-8.el10_1.1.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2025-64720 CVE-2025-65018 CVE-2025-66293

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.