LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libpng buffer overflow vulnerability

Package(s):libpng libpng2 libpng3 CVE #(s):
Created:July 17, 2002 Updated:August 19, 2002
Description: Versions of libpng prior to 1.2.4 and 1.0.14 have a buffer overflow vulnerability that could lead to remote code execution. Since libpng is used by programs that talk to the outside world (i.e. mozilla), it is worth upgrading.

libpng is the official PNG reference library. It supports almost all PNG features, is extensible, and has been extensively tested for over five years.
Alerts:
Eridani ERISA-2002:030 2002-07-25
Conectiva CLA-2002:512 2002-07-17
(Log in to post comments)

"ancient" libpng bug

Posted Jul 25, 2002 6:33 UTC (Thu) by dananderson (guest, #905) [Link]

This bug is relatively ancient. Most vendors fixed it earlier this year (winter and spring).

"ancient" libpng bug

Posted Aug 15, 2002 22:34 UTC (Thu) by sir99 (guest, #3286) [Link]

Are you sure you're not thinking of the zlib bug? This is a different one, first discovered in June I think.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds