--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2009-2128
2009-02-26 15:02:45
--------------------------------------------------------------------------------Name        : libpng
Product     : Fedora 9
Version     : 1.2.35
Release     : 1.fc9
URL         : http://www.libpng.org/pub/png/
Summary     : A library of functions for manipulating PNG image format files
Description :
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.  PNG
is a bit-mapped graphics format similar to the GIF format.  PNG was
created to replace the GIF format, since GIF uses a patented data
compression algorithm.

Libpng should be installed if you need to manipulate PNG format image
files.

--------------------------------------------------------------------------------Update Information:

Fixes CVE-2009-0040
--------------------------------------------------------------------------------ChangeLog:

* Wed Feb 25 2009 Tom Lane  2:1.2.35-1
- Update to libpng 1.2.35, to fix CVE-2009-0040
* Fri Jan  9 2009 Tom Lane  2:1.2.34-1
- Update to libpng 1.2.34
* Sun Nov  2 2008 Tom Lane  2:1.2.33-1
- Update to libpng 1.2.33
* Sat May 31 2008 Tom Lane  2:1.2.29-1
- Update to libpng 1.2.29 (fixes low-priority security issue CVE-2008-1382)
Related: #441839
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #486355 - CVE-2009-0040 libpng arbitrary free() flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=486355
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update libpng' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 9 Update: libpng-1.2.35-1.fc9

February 26, 2009
Fixes CVE-2009-0040

Summary

The libpng package contains a library of functions for creating and

manipulating PNG (Portable Network Graphics) image format files. PNG

is a bit-mapped graphics format similar to the GIF format. PNG was

created to replace the GIF format, since GIF uses a patented data

compression algorithm.

Libpng should be installed if you need to manipulate PNG format image

files.

Fixes CVE-2009-0040

* Wed Feb 25 2009 Tom Lane 2:1.2.35-1

- Update to libpng 1.2.35, to fix CVE-2009-0040

* Fri Jan 9 2009 Tom Lane 2:1.2.34-1

- Update to libpng 1.2.34

* Sun Nov 2 2008 Tom Lane 2:1.2.33-1

- Update to libpng 1.2.33

* Sat May 31 2008 Tom Lane 2:1.2.29-1

- Update to libpng 1.2.29 (fixes low-priority security issue CVE-2008-1382)

Related: #441839

[ 1 ] Bug #486355 - CVE-2009-0040 libpng arbitrary free() flaw

https://bugzilla.redhat.com/show_bug.cgi?id=486355

su -c 'yum update libpng' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2009-2128 2009-02-26 15:02:45 Product : Fedora 9 Version : 1.2.35 Release : 1.fc9 URL : http://www.libpng.org/pub/png/ Summary : A library of functions for manipulating PNG image format files Description : The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. Fixes CVE-2009-0040 * Wed Feb 25 2009 Tom Lane 2:1.2.35-1 - Update to libpng 1.2.35, to fix CVE-2009-0040 * Fri Jan 9 2009 Tom Lane 2:1.2.34-1 - Update to libpng 1.2.34 * Sun Nov 2 2008 Tom Lane 2:1.2.33-1 - Update to libpng 1.2.33 * Sat May 31 2008 Tom Lane 2:1.2.29-1 - Update to libpng 1.2.29 (fixes low-priority security issue CVE-2008-1382) Related: #441839 [ 1 ] Bug #486355 - CVE-2009-0040 libpng arbitrary free() flaw https://bugzilla.redhat.com/show_bug.cgi?id=486355 su -c 'yum update libpng' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 9
Version : 1.2.35
Release : 1.fc9
URL : http://www.libpng.org/pub/png/
Summary : A library of functions for manipulating PNG image format files

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved