U radu programskih paketa libpng i libpng10, distribuiranih s operacijskim sustavom Fedora 17, uočena je sigurnosna ranjivost. Udaljeni ju napadač može iskoristiti za pokretanje proizvoljnog programskog koda.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-4902
2012-03-30 02:53:25
--------------------------------------------------------------------------------

Name        : libpng10
Product     : Fedora 17
Version     : 1.0.59
Release     : 1.fc17
URL         : http://www.libpng.org/pub/png/libpng.html
Summary     : Old version of libpng, needed to run old binaries
Description :
The libpng10 package contains an old version of libpng, a library of functions
for creating and manipulating PNG (Portable Network Graphics) image format
files.

This package is needed if you want to run binaries that were linked dynamically
with libpng 1.0.x.

--------------------------------------------------------------------------------
Update Information:

This update includes a fix for a potential memory corruption issue
(CVE-2011-3048).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #808139 - CVE-2011-3048 libpng: memory corruption flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=808139
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libpng10' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-5526
2012-04-08 16:19:26
--------------------------------------------------------------------------------

Name        : libpng
Product     : Fedora 17
Version     : 1.5.10
Release     : 1.fc17
URL         : http://www.libpng.org/pub/png/
Summary     : A library of functions for manipulating PNG image format files
Description :
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.  PNG
is a bit-mapped graphics format similar to the GIF format.  PNG was
created to replace the GIF format, since GIF uses a patented data
compression algorithm.

Libpng should be installed if you need to manipulate PNG format image
files.

--------------------------------------------------------------------------------
Update Information:

Fix minor security issue (CVE-2011-3048)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #808139 - CVE-2011-3048 libpng: memory corruption flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=808139
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libpng' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce