full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] FLEA-2007-0018-1: libpng

[Full-disclosure] FLEA-2007-0018-1: libpng

From: Foresight Linux Essential Announcement Service <foresight-security-noreply_at_nospam>
Date: Thu May 17 2007 - 22:44:15 GMT
To: foresight-security-announce@lists.rpath.org


-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Foresight Linux Essential Advisory: 2007-0018-1 Published: 2007-05-17

Rating: Minor

Updated Versions:

    libpng=/conary.rpath.com@rpl:devel//1/1.2.18-1-0.1     group-dist=/foresight.rpath.org@fl:1-devel//1/1.2.2-0.9-1

References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242     http://lwn.net/Articles/232675/

References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445     https://issues.rpath.com/browse/RPL-1381

Description:

    Previous versions of the libpng package can cause applications to crash when loading malformed PNG files. It is not currently known whether this vulnerability can be exploited to execute malicious code.

  • ---

Copyright 2007 Foresight Linux Project
Portions Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License. A copy is available at http://www.foresightlinux.org/permanent/mit-license.html

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2.0.4 (GNU/Linux)

iD8DBQFGTNq/0e1Yawpq2XMRAvLkAKDK8z7aVQH/B3Of5oMXWtgNOqnhYgCgmVe7 X/56HurpxqxSKcypAlL441o=
=2dEu
-----END PGP SIGNATURE-----



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/