MDVSA-2009:051 -- Mandriva libpng
|ID: oval:org.secpod.oval:def:300969||Date: (C)2012-01-07 (M)2017-10-04|
|Class: PATCH||Family: unix|
A number of vulnerabilities have been found and corrected in libpng: Fixed 1-byte buffer overflow in pngpread.c . This was allready fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword that allowed setting arbitrary bytes in the process memory to 0 . Fix a potential DoS or to potentially compromise an application using the library . The updated packages have been patched to prevent this.
|Mandriva Linux 2009.0|
|Mandriva Linux 2008.1|
|Mandriva Linux 2008.0|