Oval Definition:oval:com.redhat.rhsa:def:20111103
Revision Date:2011-07-28Version:635
Title:RHSA-2011:1103: libpng security update (Moderate)
Description:The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

  • An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. (CVE-2011-2692)

    Users of libpng and libpng10 should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-2692
    RHSA-2011:1103
    RHSA-2011:1103-01
    RHSA-2011:1103-01
    Platform(s):Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libpng is earlier than 2:1.2.7-8.el4
  • AND libpng is signed with Red Hat redhatrelease2 key
  • libpng-devel is earlier than 2:1.2.7-8.el4
  • AND libpng-devel is signed with Red Hat redhatrelease2 key
  • libpng10 is earlier than 0:1.0.16-9.el4
  • AND libpng10 is signed with Red Hat redhatrelease2 key
  • libpng10-devel is earlier than 0:1.0.16-9.el4
  • AND libpng10-devel is signed with Red Hat redhatrelease2 key
    • BACK