| Description: | Updated libpng and libpng10 packages that fix a couple of security issuesare now available for Red Hat Enterprise Linux 2.1, 4, and 5.This update has been rated as having moderate security impact by the RedHat Security Response Team.The libpng packages contain a library of functions for creating andmanipulating PNG (Portable Network Graphics) image format files.A flaw was discovered in libpng that could result in libpng trying tofreerandom memory if certain, unlikely error conditions occurred. If acarefully-crafted PNG file was loaded by an application linked againstlibpng, it could cause the application to crash or, potentially, executearbitrary code with the privileges of the user running the application.(CVE-2009-0040) |