[Png-mng-security] libpng: memory overwrite (png_check_keyword()) [SuSE]
Greg Roelofs
newt at pobox.com
Mon Feb 9 21:42:30 UTC 2009
Is this an old bug that SuSE just got around to fixing, or a new one that
hasn't been reported here?
http://lwn.net/Alerts/317619/
- libpng
This update of libpng fixes the function png_check_keyword() that
allowed setting arbitrary bytes in the process memory to 0.
(CVE-2008-5907)
Affected products: openSUSE 10.3-11.1, OES, SLES9, NLD9, SLES 10,
SLED10
Greg
More information about the png-mng-security-archive
mailing list