Summary: | <media-libs/libpng-1.6.8: unhandled zero-length PLTE chunk or NULL palette (CVE-2013-6954) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1045561 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-12-21 13:37:38 UTC
1.6.8 is now in Portage with a fix to this, but since this never affected the 1.5.x series which is the current stable, there is no stabilization required at this time so I believe this should be closed as resolved, fixed now? (In reply to Samuli Suominen from comment #1) > so I believe this should be closed as resolved, fixed now? Yes, thanks. CVE-2013-6954 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954): The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c. |