Alerts This Week
Warning Icon 1 1,003
Alerts This Week
Warning Icon 1 1,003

SUSE libpng15 Moderate Buffer Overflow Security Update 2026-2619-1

suse
Calendar Grey June 24, 2026
Dist Suse Esm H88
Update released for SUSE to fix buffer overflow in libpng15, addressing moderate severity vulnerabilities.
An update that solves one vulnerability and contains one feature can now be installed.

Summary

## This update for libpng15 fixes the following issues Security issues: * CVE-2025-64720: buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (bsc#1254159). Non security issue: * version update to 1.5.30 (jsc#PED-16191). Changes for libpng15: * Replaced "unexpected" with an integer in pngset.c where a long was expected, to avoid a compiler warning when PNG_DEBUG > 1. * Fix typecast in a png_debug2() statement in png_set_text_2() to avoid a compiler warning in PNG_DEBUG builds. * Avoid Coverity issue 80858 (REVERSE NULL) in pngtest.c PNG_DEBUG builds. * Avoid a harmless potential integer overflow in png_XYZ_from_xy() (Bug report from Christopher Ferris). * Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the compiled

Topics%20covered

Topics Covered

security advisory moderate update buffer overflow SuSE libpng15

References

* bsc#1254159

* jsc#PED-16191

Cross-

* CVE-2025-64720

CVSS scores:

* CVE-2025-64720 ( SUSE ): 6.9

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-64720 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

* CVE-2025-64720 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 12 SP5

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security

* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability and contains one feature can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2025-64720.html

* https://bugzilla.suse.com/show_bug.cgi?id=1254159

* https://jira.suse.com/browse/PED-16191

Severity
moderate
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2619-1
Release Date: 2026-06-24T09:03:55Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update buffer overflow SuSE libpng15

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here