SciLinux: CVE-2006-5793 libpng SL5.x, SL4.x, SL3,x i386/x86_64
Summary
Date: Mon, 21 May 2007 16:01:56 -0500Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for libpng on SL5.x, SL4.x, SL3,x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Moderate: libpng security updateIssue date: 2007-05-17CVE Names: CVE-2006-5793 CVE-2007-2445A flaw was found in the handling of malformed images in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was manipulated. (CVE-2007-2445)A flaw was found in the sPLT chunk handling code in libpng. An attackercould create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was opened. (CVE-2006-5793)SL 3.0.x SRPMS: libpng-1.2.2-27.src.rpm libpng10-1.0.13-17.src.rpm i386: libpng10-1.0.13-17.i386.rpm libpng10-devel-1.0.13-17.i386.rpm libpng-1.2.2-27.i386.rpm libpng-devel-1.2.2-27.i386.rpm x86_64: libpng10-1.0.13-17.i386.rpm libpng10-1.0.13-17.x86_64.rpm libpng10-devel-1.0.13-17.x86_64.rpm libpng-1.2.2-27.i386.rpm libpng-1.2.2-27.x86_64.rpm libpng-devel-1.2.2-27.x86_64.rpmSL 4.x SRPMS: libpng-1.2.7-3.el4.src.rpm libpng10-1.0.16-3.src.rpm i386: libpng10-1.0.16-3.i386.rpm libpng10-devel-1.0.16-3.i386.rpm libpng-1.2.7-3.el4.i386.rpm libpng-devel-1.2.7-3.el4.i386.rpm x86_64: libpng10-1.0.16-3.i386.rpm libpng10-1.0.16-3.x86_64.rpm libpng10-devel-1.0.16-3.x86_64.rpm libpng-1.2.7-3.el4.i386.rpm libpng-1.2.7-3.el4.x86_64.rpm libpng-devel-1.2.7-3.el4.x86_64.rpmSL 5.x SRPMS: libpng-1.2.10-7.0.2.src.rpm i386: libpng-1.2.10-7.0.2.i386.rpm libpng-devel-1.2.10-7.0.2.i386.rpm x86_64: libpng-1.2.10-7.0.2.i386.rpm libpng-1.2.10-7.0.2.x86_64.rpm libpng-devel-1.2.10-7.0.2.i386.rpm libpng-devel-1.2.10-7.0.2.x86_64.rpm-Connie Sieh-Troy Dawson