[libpng16_16 0005259]: Security -- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Sun Nov 15 02:05:54 CET 2015
The following issue has been SUBMITTED.
======================================================================
https://www.opencsw.org/mantis/view.php?id=5259
======================================================================
Reported By: jubal
Assigned To:
======================================================================
Project: libpng16_16
Issue ID: 5259
Category:
Reproducibility: N/A
Severity: major
Priority: normal
Status: new
======================================================================
Date Submitted: 2015-11-15 02:05 CET
Last Modified: 2015-11-15 02:05 CET
======================================================================
Summary: Security --
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
Description:
Recent vulnerability in libpng - excerpt from their website:
"Virtually all libpng versions through 1.6.18, 1.5.23, 1.4.16, 1.2.53, and
1.0.63, respectively, have a potential out-of-bounds read in
png_set_tIME()/png_convert_to_rfc1123() and an out-of-bounds write in
png_get_PLTE()/png_set_PLTE(). At least the former vulnerability has been
assigned ID CVE-2015-7981. Both are fixed in versions 1.6.19, 1.5.24,
1.4.17, 1.2.54, and 1.0.64, released on 12 November 2015."
======================================================================
More information about the bug-notifications
mailing list