575214 – GLSA 201010-01 and 201206-15 trigger for media-libs/libpng-1.2.56

Bug 575214 - GLSA 201010-01 and 201206-15 trigger for media-libs/libpng-1.2.56

Summary: GLSA 201010-01 and 201206-15 trigger for media-libs/libpng-1.2.56

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	GLSA Errors (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Duplicates (1):	585462 (view as bug list)
Depends on:
Blocks:

Reported:	2016-02-20 11:15 UTC by Ernst Blecha
Modified:	2017-01-30 17:28 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
proposed fix, files in /usr/portag/metadata/glsa are unchanged (file_575214.txt,294 bytes, text/plain) 2016-02-20 11:15 UTC, Ernst Blecha	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ernst Blecha 2016-02-20 11:15:27 UTC

Created attachment 425982 [details]
proposed fix, files in /usr/portag/metadata/glsa are unchanged

Same problem as Bug 340261 and Bug 507372 but different versions of libpng are affected.

glsa-check is reporting the installed version of libpng (1.2.56) as vulnerable.

I expect this problem to pop up again with the next version of libpng.

Comment 1 Karl-Johan Karlsson 2016-03-25 06:54:53 UTC

This patch gets rid of the false positives from glsa-check on my systems.

Comment 2 Christian B. 2016-05-07 11:22:09 UTC

Any chance this patch will be applied. Last update is nearly two months ago.

Comment 3 Aaron Bauman (RETIRED) gentoo-dev

2016-07-01 06:40:55 UTC

Revision information added to both GLSA's.  Please reopen this bug should you still continue to have false positives.  Thank you for the report.

Comment 4 Zac Medico gentoo-dev

2017-01-30 17:28:29 UTC

*** Bug 585462 has been marked as a duplicate of this bug. ***