[Png-mng-security] Draft 02 security advisory for zero-length unknown chunk bug
Glenn Randers-Pehrson
glennrp at comcast.net
Sat Apr 12 14:32:50 UTC 2008
At 02:21 PM 4/11/2008 -0400, Glenn Randers-Pehrson wrote:
>Draft 02, April 11, 2008 (glennrp):
>
>Libpng-1.2.26 security advisory -- April 12, 2008
>
>This bug has been identified as CVE-2008-1382.
I've posted this advisory without any further changes to png-mng-announce and
png-mng-implement, and have posted copies at the PNG ftp site and SourceForge.
Tavis, please pass a copy to your vendor-sec group and to anyone else you want.
Any further discussion of this can occur on png-mng-implement at lists.sf.net
Glenn
More information about the png-mng-security-archive
mailing list