Updated libpng and libpng12 packages fix security vulnerability: The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c .