GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Tue Oct 05, 2010 10:26 pm Post subject: [ GLSA 201010-01 ] Libpng: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: Libpng: Multiple vulnerabilities (GLSA 201010-01)
Severity: normal
Exploitable: remote
Date: October 05, 2010
Updated: June 02, 2014
Bug(s): #307637, #324153, #335887
ID: 201010-01
Synopsis
Multiple vulnerabilities in libpng might lead to privilege
escalation or a Denial of Service.
Background
libpng is a standard library used to process PNG (Portable Network
Graphics) images. It is used by several programs, including web browsers
and potentially server processes.
Affected Packages
Package: media-libs/libpng
Vulnerable: < 1.4.3
Unaffected: >= 1.4.3
Unaffected: >= 1.2.46 < 1.2.47
Unaffected: >= 1.2.47 < 1.2.48
Unaffected: >= 1.2.49 < 1.2.50
Unaffected: >= 1.2.50 < 1.2.51
Unaffected: >= 1.2.51 < 1.2.52
Architectures: All supported architectures
Description
Multiple vulnerabilities were found in libpng: - The png_decompress_chunk() function in pngrutil.c does not properly
handle certain type of compressed data (CVE-2010-0205)
- A buffer overflow in pngread.c when using progressive applications
(CVE-2010-1205)
- A memory leak in pngrutil.c when dealing with a certain type of
chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked
against the library to crash or execute arbitrary code with the
permissions of the user running the vulnerable program, which could be
the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng 1.4 users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
| All libpng 1.2 users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.46"
|
References
CVE-2010-0205
CVE-2010-1205
CVE-2010-2249
Last edited by GLSA on Tue Jun 03, 2014 4:29 am; edited 7 times in total |
|