Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Slackware: libpng High Buffer Overflow Vulnerabilities SSA:2025-327-01

slackware
Calendar Grey November 23, 2025
Dist Slackware Esm H88
Hash: SHA1 [slackware-security] libpng (SSA:2025-327-01) New libpng packages are available for Slack
New libpng packages are available for Slackware 15.0 and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libpng-1.6.51-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: Fixed CVE-2025-64505 (moderate severity): Heap buffer overflow in `png_do_quantize` via malformed palette index. (Reported by Samsung; analyzed by Fabio Gritti.) Fixed CVE-2025-64506 (moderate severity): Heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled. (Reported by Samsung and ; analyzed by Fabio Gritti.) Fixed CVE-2025-64720 (high severity): Buffer overflow in `png_image_read_composite` via incorrect palette premultiplication. (Reported by Samsung; analyzed by John Bowler.) Fixed CVE-2025-65018 (high severity): Heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`. (Reported by .) For more information, see:

Read the Full Advisory

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libpng-1.6.51-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libpng-1.6.51-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpng-1.6.51-i686-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libpng-1.6.51-x86_64-1.txz

MD5 Signatures

Slackware 15.0 package: f5dbfd6dff4bbdee3c9350914afe5de8 libpng-1.6.51-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 0b421d8231739f499023560ea4ca926c libpng-1.6.51-x86_64-1_slack15.0.txz
Slackware -current package: 752c23a7fdbdf43a17d026c6859327b9 l/libpng-1.6.51-i686-1.txz
Slackware x86_64 -current package: 5a43a39f55fb7606daf43062e57dcdcc l/libpng-1.6.51-x86_64-1.txz

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg libpng-1.6.51-i586-1_slack15.0.txz

Your message here