The libpng packages contain a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.
A heap-based buffer overflow flaw was found in libpng. An attacker could
create a specially-crafted PNG image that, when opened, could cause an
application using libpng to crash or, possibly, execute arbitrary code with
the privileges of the user running the application. (CVE-2011-3026)
Users of libpng and libpng10 should upgrade to these updated packages,
which contain a backported patch to correct this issue. All running
applications using libpng or libpng10 must be restarted for the update to
take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ia64 | libpng | < 1.2.7-9.el4 | libpng-1.2.7-9.el4.ia64.rpm |
RedHat | 4 | ia64 | libpng-devel | < 1.2.7-9.el4 | libpng-devel-1.2.7-9.el4.ia64.rpm |
RedHat | 5 | s390x | libpng | < 1.2.10-15.el5_7 | libpng-1.2.10-15.el5_7.s390x.rpm |
RedHat | 5 | x86_64 | libpng | < 1.2.10-15.el5_7 | libpng-1.2.10-15.el5_7.x86_64.rpm |
RedHat | 4 | s390x | libpng10-devel | < 1.0.16-10.el4 | libpng10-devel-1.0.16-10.el4.s390x.rpm |
RedHat | 6 | ppc64 | libpng-static | < 1.2.46-2.el6_2 | libpng-static-1.2.46-2.el6_2.ppc64.rpm |
RedHat | 6 | i686 | libpng-static | < 1.2.46-2.el6_2 | libpng-static-1.2.46-2.el6_2.i686.rpm |
RedHat | 5 | ia64 | libpng-devel | < 1.2.10-15.el5_7 | libpng-devel-1.2.10-15.el5_7.ia64.rpm |
RedHat | 4 | ppc64 | libpng | < 1.2.7-9.el4 | libpng-1.2.7-9.el4.ppc64.rpm |
RedHat | 6 | s390 | libpng-devel | < 1.2.46-2.el6_2 | libpng-devel-1.2.46-2.el6_2.s390.rpm |