Oval Definition:oval:com.redhat.rhsa:def:20040249
Revision Date:2004-06-18Version:502
Title:RHSA-2004:249: libpng security update (Important)
Description:The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

During an audit of Red Hat Linux updates, the Fedora Legacy team found a security issue in libpng that had not been fixed in Red Hat Enterprise Linux 3. An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code when opened by a victim.

Note: this issue does not affect Red Hat Enterprise Linux 2.1

Users are advised to upgrade to these updated packages that contain a backported security fix and are not vulnerable to this issue.
Family:unixClass:patch
Status:Reference(s):CVE-2002-1363
RHSA-2004:249-01
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 3 is installed
  • AND Package Information
  • libpng is earlier than 2:1.2.2-24
  • AND libpng is signed with Red Hat master key
  • OR
  • libpng-devel is earlier than 2:1.2.2-24
  • AND libpng-devel is signed with Red Hat master key
  • OR
  • libpng10-devel is earlier than 0:1.0.13-14
  • AND libpng10-devel is signed with Red Hat master key
  • OR
  • libpng10 is earlier than 0:1.0.13-14
  • AND libpng10 is signed with Red Hat master key
    • BACK