Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Slackware 12.2: 2009-170-01 Critical: Libpng Uninitialized Memory

slackware
Calendar Grey June 20, 2009
Dist Slackware Esm H88
Updated libpng versions for Slackware address a vulnerability linked to uninitialized memory accesses that could impact image files.
New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/libpng-1.2.37-i486-1_slack12.2.tgz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: https://www.cve.org/CVERecord?id=CVE-2009-2042 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical software update slackware libpng image threat uninitialized memory

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 8.1:
Updated package for Slackware 9.0:
Updated package for Slackware 9.1:
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware -current:
Updated package for Slackware64 -current:

MD5 Signatures

Slackware 8.1 package: 1851e3199ffefdfa5fd8a99d895a40a3 libpng-1.2.37-i386-1_slack8.1.tgz
Slackware 9.0 package: 4693d4a6794100fde58eaf5fa465ee8f libpng-1.2.37-i386-1_slack9.0.tgz
Slackware 9.1 package: ec207cf4bfb1f847e50a6dbf3dc78115 libpng-1.2.37-i486-1_slack9.1.tgz
Slackware 10.0 package: 1876f3ac377ce5d259c7ec3f6e0153a7 libpng-1.2.37-i486-1_slack10.0.tgz
Slackware 10.1 package: 2ab0b1ac484925f30984636353d39bda libpng-1.2.37-i486-1_slack10.1.tgz
Slackware 10.2 package: 0921f5d71d168b226cc3022d33fcbe23 libpng-1.2.37-i486-1_slack10.2.tgz
Slackware 11.0 package: a901f86a500ac565c4f37fa1d13510d9 libpng-1.2.37-i486-1_slack11.0.tgz
Slackware 12.0 package: 3311aaf3084916f5c6945ebf82f7dffd libpng-1.2.37-i486-1_slack12.0.tgz
Slackware 12.1 package: 5fa3c78fb2a34ead9921237ee40a5261 libpng-1.2.37-i486-1_slack12.1.tgz
Slackware 12.2 package: 4ce1aa90b408c55a5727e8e7dee8bf0f libpng-1.2.37-i486-1_slack12.2.tgz
Slackware -current package: d596d01bf2f7dc74080cf819f53d9417 libpng-1.2.37-i486-1.txz
Slackware64 -current package: 393078aee59637e0158612f3b46e4e7b libpng-1.2.37-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical software update slackware libpng image threat uninitialized memory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg libpng-1.2.37-i486-1_slack12.2.tgz

Related News

Your message here