User: Password:
|
|
Subscribe / Log in / New account

libpng: multiple vulnerabilities

Package(s):libpng CVE #(s):CVE-2009-5063 CVE-2011-3464
Created:June 22, 2012 Updated:October 22, 2012
Description:

From the Gentoo advisory:

Multiple vulnerabilities have been discovered in libpng:

* The "embedded_profile_len()" function in pngwutil.c does not check for negative values, resulting in a memory leak (CVE-2009-5063).

* The "png_formatted_warning()" function in pngerror.c contains an off-by-one error (CVE-2011-3464).

Alerts:
Fedora FEDORA-2012-15613 mingw-libpng 2012-10-22
Gentoo 201206-15 libpng 2012-06-22

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds