Articles / SuSE: New libpng12 packages…

SuSE: New libpng12 packages fix security vulnerabilities

A heap-based buffer overflow in libpng was fixed that could potentially be exploited by attackers to execute arbitrary code or cause an application to crash. Updated packages are available from download.opensuse.org.

  openSUSE Security Update: libpng12: Fixed a heap based buffer overflow
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0316-1
Rating:             important
References:         #747311 
Cross-References:   CVE-2011-3026
Affected Products:
                   openSUSE 11.4
______________________________________________________________________________

  An update that fixes one vulnerability is now available. It
  includes one version update.

Description:

  A heap-based buffer overflow in libpng was fixed that could
  potentially be exploited by attackers to execute arbitrary
  code or cause an application to crash (CVE-2011-3026).

  libpng 1.2 was updated to 1.2.47 to fix this issue.


Patch Instructions:

  To install this openSUSE Security Update use YaST online_update.
  Alternatively you can run the command listed for your product:

  - openSUSE 11.4:

     zypper in -t patch libpng12-5846 libpng14-5847

  To bring your system up-to-date, use "zypper patch".


Package List:

  - openSUSE 11.4 (i586 x86_64) [New Version: 1.2.47]:

     libpng12-0-1.2.47-0.8.1
     libpng12-compat-devel-1.2.47-0.8.1
     libpng12-devel-1.2.47-0.8.1
     libpng14-14-1.4.4-3.6.1
     libpng14-compat-devel-1.4.4-3.6.1
     libpng14-devel-1.4.4-3.6.1

  - openSUSE 11.4 (x86_64) [New Version: 1.2.47]:

     libpng12-0-32bit-1.2.47-0.8.1
     libpng12-compat-devel-32bit-1.2.47-0.8.1
     libpng12-devel-32bit-1.2.47-0.8.1
     libpng14-14-32bit-1.4.4-3.6.1
     libpng14-compat-devel-32bit-1.4.4-3.6.1
     libpng14-devel-32bit-1.4.4-3.6.1


References:

  http://support.novell.com/security/cve/CVE-2011-3026.html
  https://bugzilla.novell.com/747311
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.