blob: 6db1c7610f83015431fa181924af18a503cbf93e [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200607-06">
<title>libpng: Buffer overflow</title>
A buffer overflow has been found in the libpng library that could lead to
the execution of arbitrary code.
<product type="ebuild">libpng</product>
<announced>July 19, 2006</announced>
<revised>July 19, 2006: 01</revised>
<package name="media-libs/libpng" auto="yes" arch="*">
<unaffected range="ge">1.2.12</unaffected>
<vulnerable range="lt">1.2.12</vulnerable>
<package name="app-emulation/emul-linux-x86-baselibs" auto="yes" arch="amd64">
<unaffected range="ge">2.5.1</unaffected>
<vulnerable range="lt">2.5.1</vulnerable>
libpng is an open, extensible image format library, with lossless
In pngrutil.c, the function png_decompress_chunk() allocates
insufficient space for an error message, potentially overwriting stack
data, leading to a buffer overflow.
<impact type="normal">
By enticing a user to load a maliciously crafted PNG image, an attacker
could execute arbitrary code with the rights of the user, or crash the
application using the libpng library, such as the
There is no known workaround at this time.
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=media-libs/libpng-1.2.12&quot;</code>
All AMD64 emul-linux-x86-baselibs users should also upgrade to the
latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-emulation/emul-linux-x86-baselibs-2.5.1&quot;</code>
<uri link="">libpng Changelog</uri>
<uri link="">CVE-2006-3334</uri>
<metadata tag="requester" timestamp="Tue, 04 Jul 2006 14:10:20 +0000">
<metadata tag="submitter" timestamp="Tue, 04 Jul 2006 18:53:23 +0000">
<metadata tag="bugReady" timestamp="Mon, 17 Jul 2006 16:54:49 +0000">