CentOS ProjectCESA-2007:0992-01libpng security update
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.208 Low
EPSS
Percentile
96.3%
CentOS Errata and Security Advisory CESA-2007:0992-01
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.
Several flaws were discovered in the way libpng handled various PNG image
chunks. An attacker could create a carefully crafted PNG image file in
such a way that it could cause an application linked with libpng to crash
when the file was manipulated. (CVE-2007-5269)
Users should update to these updated packages which contain a backported
patch to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-October/076500.html
Affected packages:
libpng
libpng-devel
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 2 | i386 | libpng | < 1.0.14-11 | libpng-1.0.14-11.i386.rpm |
| CentOS | 2 | i386 | libpng-devel | < 1.0.14-11 | libpng-devel-1.0.14-11.i386.rpm |
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.208 Low
EPSS
Percentile
96.3%