Summary: | <media-libs/libpng-1.{2.56,5.26}: out-of-range read in png_check_keyword() (CVE-2015-8540) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system, flow |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/12/10/6 | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-12-14 11:32:59 UTC
commit 11e6585c2bffe51b132b1dbf63cf7daa61791391 Author: Lars Wendler <polynomial-c@gentoo.org> Date: Sat Jan 16 11:36:44 2016 media-libs/libpng: Bump to versions 1.2.56, 1.5.26 and 1.6.21 Package-Manager: portage-2.2.26 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Arches please test and mark stable the following versions: =media-libs/libpng-1.2.56: amd64 x86 =media-libs/libpng-1.5.26: amd64 x86 amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. commit 6b850475b834437bc0016db3233ce079f8d48cd2 Author: Lars Wendler <polynomial-c@gentoo.org> Date: Sat Jan 16 12:25:02 2016 media-libs/libpng: Security cleanup (bug #568216). Package-Manager: portage-2.2.26 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Added to existing GLSA request This issue was resolved and addressed in GLSA 201611-08 at https://security.gentoo.org/glsa/201611-08 by GLSA coordinator Aaron Bauman (b-man). |