FS#43213 : [libpng] heap buffer overflow

FS#43213 - [libpng] heap buffer overflow

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Wednesday, 24 December 2014, 09:05 GMT
Last edited by Jan de Groot (JGC) - Wednesday, 24 December 2014, 12:04 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	High
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

A heap buffer overflow has been found [1] in libpng <= 1.6.15, and fixed in 1.6.16 [2]. Code execution may be possible as the flaw allows a controlled write, so I believe we should upgrade quickly whenever possible.

[1] http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
[2] http://sourceforge.net/p/png-mng/mailman/message/33173461/

This task depends upon

Closed by Jan de Groot (JGC)
Wednesday, 24 December 2014, 12:04 GMT
Reason for closing: Fixed

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#43213 - [libpng] heap buffer overflow

Details

Loading...