| Revision Date: | 2004-05-19 | Version: | 502 |
| Title: | RHSA-2004:180: libpng security update (Important) |
| Description: | The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.
Steve Grubb discovered a out of bounds memory access flaw in libpng. An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash when opened by a victim. This issue may not be used to execute arbitrary code.
Users are advised to upgrade to these updated packages that contain a backported security fix not vulnerable to this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2004-0421
RHSA-2004:180-01
|
| Platform(s): | Red Hat Enterprise Linux 3
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux 3 is installed AND Package Information
libpng is earlier than 2:1.2.2-21
AND libpng is signed with Red Hat master key
OR
libpng-devel is earlier than 2:1.2.2-21
AND libpng-devel is signed with Red Hat master key
OR
libpng10-devel is earlier than 0:1.0.13-12
AND libpng10-devel is signed with Red Hat master key
OR
libpng10 is earlier than 0:1.0.13-12
AND libpng10 is signed with Red Hat master key
|