| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Apr 2008 16:38:47 +0300 From: Liran Cohen <theog@....co.il> Cc: bugtraq@...urityfocus.com Subject: Re: rPSA-2008-0151-1 libpng Anyone has any more info about this? maybe a tool or a document as of how to test this issue? Thanks. Liran rPath Update Announcements wrote: > rPath Security Advisory: 2008-0151-1 > Published: 2008-04-29 > Products: > rPath Linux 1 > rPath Appliance Platform Linux Service 1 > > Rating: Major > Exposure Level Classification: > Indirect User Deterministic Unauthorized Access > Updated Versions: > libpng=conary.rpath.com@rpl:1/1.2.26-2.1-1 > > rPath Issue Tracking System: > https://issues.rpath.com/browse/RPL-2440 > > References: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 > > Description: > Previous versions of the libpng package may allow indirect attackers > who provide maliciously crafted PNG images to execute arbitrary code > in applications that use the libpng library. > > http://wiki.rpath.com/Advisories:rPSA-2008-0151 > > Copyright 2008 rPath, Inc. > This file is distributed under the terms of the MIT License. > A copy is available at http://www.rpath.com/permanent/mit-license.html > -- Liran Cohen RCT Internet Solutions http://www.rct.co.il http://www.theg.org http://www.wood-wonders.net http://www.icon-a.com
Powered by blists - more mailing lists