Updated libpng packages fix security vulnerabilities: An integer overflow leading to a heap-based buffer overflow was found in the png_set_sPLT and png_set_text_2 API functions of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly call png_set_sPLT or png_set_text_2 function, could cause libpng to crash or execute arbitrary code with the permissions of the user running such an application . An integer overflow leading to a heap-based buffer overflow was found in the png_set_unknown_chunks API function of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly call png_set_unknown_chunks function, could cause libpng to crash or execute arbitrary code with the permissions of the user running such an application .