LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LK2008: The values of the Linux community

LWN.net Weekly Edition for October 9, 2008

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2008-4910 (libpng)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 9 Update: libpng-1.2.29-1.fc9


Date:
    	      Tue, 03 Jun 2008 07:34:52 +0000


Message-ID:
    	      <200806030734.m537Y9mo006790@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-4910
2008-06-03 04:38:09
--------------------------------------------------------------------------------

Name        : libpng
Product     : Fedora 9
Version     : 1.2.29
Release     : 1.fc9
URL         : http://www.libpng.org/pub/png/
Summary     : A library of functions for manipulating PNG image format files
Description :
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.  PNG
is a bit-mapped graphics format similar to the GIF format.  PNG was
created to replace the GIF format, since GIF uses a patented data
compression algorithm.

Libpng should be installed if you need to manipulate PNG format image
files.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 1.2.29.    Among other bug fixes, this introduces
a minor security fix in the handling of unknown chunks - CVE-2008-1382:
http://libpng.sourceforge.net/Advisory-1.2.26.txt
http://www.ocert.org/advisories/ocert-2008-003.html
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 31 2008 Tom Lane <tgl@redhat.com> 2:1.2.29-1
- Update to libpng 1.2.29 (fixes low-priority security issue CVE-2008-1382)
Related: #441839
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #441839 - CVE-2008-1382 libpng unknown chunk handling flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=441839
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libpng' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds