OpenPKG Security Advisory
OpenPKG-SA-2006.011
Publisher Name: OpenPKG GmbH Publisher Home: http://openpkg.com/ Advisory Id (public): OpenPKG-SA-2006.011 Advisory Type: OpenPKG Security Advisory (SA) Advisory Directory: http://openpkg.com/go/OpenPKG-SA Advisory Document: http://openpkg.com/go/OpenPKG-SA-2006.011 Advisory Published: 2009-07-04 16:10 UTC Issue Id (internal): OpenPKG-SI-20060628.01 Issue First Created: 2006-06-28 Issue Last Modified: 2006-11-29 Issue Revision: 08
Subject Name: libpng Subject Summary: Portable Network Graphics (PNG) Image Format Library Subject Home: http://www.libpng.org/pub/png/ Subject Versions: * <= 1.2.10 Vulnerability Id: none Vulnerability Scope: global (not OpenPKG specific) Attack Feasibility: run-time Attack Vector: local system Attack Impact: denial of service Description: The Portable Network Graphics (PNG) [1] library contains a vulnerability caused by a potential sprintf(3) related buffer overflow. References: [1] http://www.libpng.org/pub/png/
Primary Package Name: png Primary Package Home: http://openpkg.org/go/package/png Affected Distribution: Affected Branch: Affected Package: OpenPKG Community 2.5-SOLID png-1.2.8-2.5.0 OpenPKG Community 2-STABLE-20060622 png-1.2.10-2.20060622 OpenPKG Community 2-STABLE png-1.2.10-2.20060622 OpenPKG Community CURRENT png-1.2.10-20060524 Corrected Distribution: Corrected Branch: Corrected Package: OpenPKG Community 2.5-SOLID png-1.2.8-2.5.1 OpenPKG Community 2-STABLE-20060622 png-1.2.12-2.20060628 OpenPKG Community 2-STABLE png-1.2.12-2.20060628 OpenPKG Community CURRENT png-1.2.12-20060628
