Stay Secure with the Latest Linux Advisories

security advisorymoderateFedora

Ubuntu 11: 2010-1173 Moderate: OpenSSL Sensitive Data Bypass Patch

Fixes CVE-2009-0040. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-2128 2009-02-26 15:02:45 --------------------------------------------------------------------------------Name : libpng Product : Fedora 9 Version : 1.2.35 Release : 1.fc9 URL : http://www.libpng.org/pub/png/ Summary : A library of functions for manipulating PNG image format files Description : The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. --------------------------------------------------------------------------------Update Information: Fixes CVE-2009-0040 --------------------------------------------------------------------------------ChangeLog: * Wed Feb 25 2009 Tom Lane 2:1.2.35-1 - Update to libpng 1.2.35, to fix CVE-2009-0040 * Fri Jan 9 2009 Tom Lane 2:1.2.34-1 - Update to libpng 1.2.34 * Sun Nov 2 2008 Tom Lane 2:1.2.33-1 - Update to libpng 1.2.33 * Sat May 31 2008 Tom Lane 2:1.2.29-1 - Update to libpng 1.2.29 (fixes low-priority security issue CVE-2008-1382) Related: #441839 --------------------------------------------------------------------------------References: [ 1 ] Bug #486355 - CVE-2009-0040 libpng arbitrary free() flaw https://bugzilla.redhat.com/show_bug.cgi?id=486355 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update libpng' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Patch addresses libjpeg vulnerability for better image protection in Fedora 10. Execute installation through dnf for increased reliability.. libpng update,Fedora image security,package update notification. . Severity: Important. LinuxSecurity.com Team

Feb 26, 2009 •Important Fedora