Bugtraq mailing list archives

rPSA-2006-0133-1 libpng

From: "Justin M. Forbes" <jmforbes () rpath com>
Date: Wed, 19 Jul 2006 15:47:27 -0400

rPath Security Advisory: 2006-0133-1
Published: 2006-07-19
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    User Non-deterministic Unauthorized Access
Updated Versions:
    libpng=/conary.rpath.com@rpl:devel//1/1.2.12-2-0.1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334
    https://issues.rpath.com/browse/RPL-517

Description:
    Previous versions of the libpng package contain a weakness in
    processing images that is known to create a denial of service
    vulnerability and is expected also to allow unauthorized access.
    This weakness is triggered by malformed png images that may be
    provided to applications such as web browsers by an attacker.

Current thread:

rPSA-2006-0133-1 libpng Justin M. Forbes (Jul 19)