[Png-mng-security] Vulnerability in libpng sPLT chunk handling
Greg Roelofs
newt at pobox.com
Sat Nov 11 18:11:24 UTC 2006
>> BTW, Red Hat's security folk were already informed of this and don't
>> think it's a critical issue, because they don't see any crash.
>> My ancient copy of 1.0.5 doesn't crash either. Maybe it's only a big
>> problem in the latest releases? Or am I missing something?
I was unable to trigger a crash with anything but pngtest on x86/Linux
2.4.x/glibc 2.3.x. But pngtest crashes reliably.
Greg
More information about the png-mng-security-archive
mailing list