An update that fixes one vulnerability is now available.
Description:
This update for pngcheck fixes the following issues:
version update to 3.0.3 [boo#1202662]
version update to 3.0.0
* tweaked color definitions slightly to work better on terminals with
white/light backgrounds
* fixed DHDR (pre-MNG-1.0) bug identified by Winfried <szukw000(a)arcor.de>
* added eXIf support (GRR: added check for II/MM/unknown format)
* converted static const help/usage-related strings to macros so
-Werror=format-security doesn't trigger (Ben Beasley)
* added (help2man-generated) man pages for all three utils added
top-level LICENSE file; fixed various compiler warnings
* fixed buffer-overflow vulnerability discovered by "giantbranch of
NSFOCUS Security Team" *
https://bugzilla.redhat.com/show_bug.cgi?id=1897485
* found and fixed four additional vulnerabilities (null-pointer
dereference and three buffer overruns)
* an off-by-one bug in check_magic() (Lucy Phipps)
* converted two zlib-version warnings/errors to go to stderr (Lemures
Lemniscati, actually from 20180318; forwarded by LP)
* fixed another buffer-overflow vulnerability discovered by "giantbranch
of NSFOCUS Security Team"
https://bugzilla.redhat.com/show_bug.cgi?id=1905775
* removed -f ("force") option due to multiple security issues
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10142=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | < 15-SP3 (aarch64 i586 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.aarch64.rpm |
openSUSE Backports SLE | 15-SP3 | i586 | - opensuse backports sle | < 15-SP3 (aarch64 i586 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.i586.rpm |
openSUSE Backports SLE | 15-SP3 | ppc64le | - opensuse backports sle | < 15-SP3 (aarch64 i586 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.ppc64le.rpm |
openSUSE Backports SLE | 15-SP3 | s390x | - opensuse backports sle | < 15-SP3 (aarch64 i586 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.s390x.rpm |
openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | < 15-SP3 (aarch64 i586 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.x86_64.rpm |