rPSA-2006-0133-1 libpng

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2006-0133-1 libpng
From: "Justin M. Forbes" <jmforbes@xxxxxxxxx>
Date: Wed, 19 Jul 2006 15:47:27 -0400
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2006-0133-1
Published: 2006-07-19
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    User Non-deterministic Unauthorized Access
Updated Versions:
    libpng=/conary.rpath.com@rpl:devel//1/1.2.12-2-0.1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334
    https://issues.rpath.com/browse/RPL-517

Description:
    Previous versions of the libpng package contain a weakness in
    processing images that is known to create a denial of service
    vulnerability and is expected also to allow unauthorized access.
    This weakness is triggered by malformed png images that may be
    provided to applications such as web browsers by an attacker.

Prev by Date: Re: osDate 1.1.7 multiple vulnerabilities
Next by Date: Cisco MARS < 4.2.1 remote compromise
Previous by thread: Security point-of-contact for Ameritrade?
Next by thread: Cisco MARS < 4.2.1 remote compromise
Index(es):
- Date
- Thread