Lucene search
GoogleOSV:DSA-3546-1HistoryApr 07, 2016 - 12:00 a.m.
optipng - security update
2016-04-0700:00:00
Google
osv.dev
6
0.034 Low
EPSS
Percentile
91.5%
Hans Jerry Illikainen discovered that missing input sanitising in the
BMP processing code of the optipng PNG optimiser may result in denial of
service or the execution of arbitrary code if a malformed file is
processed.
For the oldstable distribution (wheezy), this problem has been fixed
in version 0.6.4-1+deb7u2. This update also fixes CVE-2015-7801,
which was originally targeted for a wheezy point update.
For the stable distribution (jessie), this problem has been fixed in
version 0.7.5-1+deb8u1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your optipng packages.
References
Related
nessus
nessus
Debian DLA-332-1 : optipng security update
2015-10-23 00:00:00
FreeBSD : optipng -- use-after-free vulnerability (bab05188-5d4b-11e5-9ad8-14dae9d210b8)
2015-09-18 00:00:00
Debian DSA-3546-1 : optipng - security update
2016-04-13 00:00:00
debiancve
debiancve
CVE-2015-7801
2016-04-20 16:59:01
prion
prion
Design/Logic Flaw
2016-04-20 16:59:00
openvas
openvas
Debian: Security Advisory (DLA-332-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3546-1 (optipng - security update)
2016-04-07 00:00:00
Debian: Security Advisory (DSA-3546-1)
2016-04-06 00:00:00
freebsd
freebsd
optipng -- use-after-free vulnerability
2015-09-16 00:00:00
ubuntucve
ubuntucve
CVE-2015-7801
2015-10-12 00:00:00
cvelist
cvelist
CVE-2015-7801
2016-04-20 16:00:00
nvd
nvd
CVE-2015-7801
2016-04-20 16:59:01
cve
cve
CVE-2015-7801
2016-04-20 16:59:01
osv
osv
optipng - security update
2015-10-22 00:00:00
debian
debian
[SECURITY] [DLA 332-1] optipng security update
2015-10-22 19:21:33
[SECURITY] [DSA 3546-1] optipng security update
2016-04-07 21:17:34
ubuntu
ubuntu
OptiPNG vulnerabilities
2016-04-18 00:00:00