Denial of Service in libpng
ID: | FEDORA-2017-cf1944f480 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | Mi, 12. April 2017, 23:31 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 |
Applikationen: | libpng |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-cf1944f480 2017-04-12 14:48:58.697887 -------------------------------------------------------------------------------- Name : libpng15 Product : Fedora 25 Version : 1.5.28 Release : 1.fc25 URL : http://www.libpng.org/pub/png/ Summary : Old version of libpng, needed to run old binaries Description : The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG (Portable Network Graphics) image format files. This version should be used only if you are unable to use the current version of libpng. -------------------------------------------------------------------------------- Update Information: * Update to upstream release **1.5.28**. * Fixes **CVE-2016-10087**. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409617 - CVE-2016-10087 libpng: NULL pointer dereference in png_set_text_2() https://bugzilla.redhat.com/show_bug.cgi?id=1409617 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade libpng15' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |