|Package(s):||libpng||CVE #(s):||CVE-2009-5063 CVE-2011-3464|
|Created:||June 22, 2012||Updated:||October 22, 2012|
From the Gentoo advisory:
Multiple vulnerabilities have been discovered in libpng:
* The "embedded_profile_len()" function in pngwutil.c does not check for negative values, resulting in a memory leak (CVE-2009-5063).
* The "png_formatted_warning()" function in pngerror.c contains an off-by-one error (CVE-2011-3464).
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds