[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200607191947.k6JJlRJw005558@lambchop.rdu.rpath.com>
Date: Wed, 19 Jul 2006 15:47:27 -0400
From: "Justin M. Forbes" <jmforbes@...th.com>
To: security-announce@...ts.rpath.com, update-announce@...ts.rpath.com
Cc: lwn@....net, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: rPSA-2006-0133-1 libpng
rPath Security Advisory: 2006-0133-1
Published: 2006-07-19
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
User Non-deterministic Unauthorized Access
Updated Versions:
libpng=/conary.rpath.com@rpl:devel//1/1.2.12-2-0.1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334
https://issues.rpath.com/browse/RPL-517
Description:
Previous versions of the libpng package contain a weakness in
processing images that is known to create a denial of service
vulnerability and is expected also to allow unauthorized access.
This weakness is triggered by malformed png images that may be
provided to applications such as web browsers by an attacker.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists