From secunia: CRITICAL: Not critical IMPACT: DoS WHERE: From remote SOFTWARE: libpng 1.x http://secunia.com/advisories/product/3439/ DESCRIPTION: A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak error within the "png_handle_tEXt()" function in pngrutil.c. This can be exploited to potentially exhaust all available memory via a specially crafted PNG image. The vulnerability is reported in version 1.2.32. Other versions may also be affected. SOLUTION: Fixed in version 1.2.33rc02. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://sourceforge.net/project/shownotes.php?release_id=635463&group_id=5624
base-system, can we have a unaffected version (libpng-1.2.33rc02 is what secunia says), please?
Created attachment 170150 [details, diff] libpng-1.2.33rc02-1.2.33rc01.patch changes from rc01 to rc02
The patch applies to 1.2.26 as well (with some fuzz), but png_struct was changed since then, so it does not work.
FYI libpng-1.2.33 is in the tree and has been for a while ...
Arches, please test and mark stable: =media-libs/libpng-1.2.33 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
amd64/x86 stable
ppc stable
Stable for HPPA.
alpha/arm/ia64/sparc stable
ppc64 done
Ready for vote, I vote YES.
Yes, too. Request filed.
GLSA 200903-28