From ${URL} : there is a underflow read in png_check_keyword in pngwutil.c in libpng-1.2.54, which is found by XiaoQixue and ChenYu. if the data of "key" is only ' ' (0x20), it will read a byte before the buffer in line 1288. it also impacts libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 . the details as follows: https://sourceforge.net/p/libpng/bugs/244/ @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
commit 11e6585c2bffe51b132b1dbf63cf7daa61791391 Author: Lars Wendler <polynomial-c@gentoo.org> Date: Sat Jan 16 11:36:44 2016 media-libs/libpng: Bump to versions 1.2.56, 1.5.26 and 1.6.21 Package-Manager: portage-2.2.26 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Arches please test and mark stable the following versions: =media-libs/libpng-1.2.56: amd64 x86 =media-libs/libpng-1.5.26: amd64 x86
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
commit 6b850475b834437bc0016db3233ce079f8d48cd2 Author: Lars Wendler <polynomial-c@gentoo.org> Date: Sat Jan 16 12:25:02 2016 media-libs/libpng: Security cleanup (bug #568216). Package-Manager: portage-2.2.26 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Added to existing GLSA request
This issue was resolved and addressed in GLSA 201611-08 at https://security.gentoo.org/glsa/201611-08 by GLSA coordinator Aaron Bauman (b-man).
