DSA-3443-1 libpng -- libpngID: oval:org.secpod.oval:def:602338 | Date: (C)2016-01-27 (M)2024-01-29 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the libpng PNG library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8472 It was discovered that the original fix for CVE-2015-8126 was incomplete and did not detect a potential overrun by applications using png_set_PLTE directly. A remote attacker can take advantage of this flaw to cause a denial of service . CVE-2015-8540 Xiao Qixue and Chen Yu discovered a flaw in the png_check_keyword function. A remote attacker can potentially take advantage of this flaw to cause a denial of service .
Platform: |
Debian 8.x |
Debian 7.x |
Product: |
libpng12-dev |
libpng3 |