LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2012:022: libpng Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability has been found and corrected in libpng: Integer overflow in libpng allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation (CVE-2011-3026). [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:022
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : libpng
 Date    : February 22, 2012
 Affected: 2010.1, 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in libpng:
 
 Integer overflow in libpng allows remote attackers to cause a denial
 of service or possibly have unspecified other impact via unknown
 vectors that trigger an integer truncation (CVE-2011-3026).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 c4855b723b25b62a8e80f27db90c15a3  2010.1/i586/libpng3-1.2.43-1.3mdv2010.2.i586.rpm
 0485c0180727805f96ae132a888827a3  2010.1/i586/libpng-devel-1.2.43-1.3mdv2010.2.i586.rpm
 26f1bff42f385116d55b1685feda0a1e  2010.1/i586/libpng-source-1.2.43-1.3mdv2010.2.i586.rpm
 f01bdae23b93da1536aed6c3131e8f85  2010.1/i586/libpng-static-devel-1.2.43-1.3mdv2010.2.i586.rpm 
 17738e1f426097875b5682cba8f16415  2010.1/SRPMS/libpng-1.2.43-1.3mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 0c8d9cd9c9e6f57ae72e442419a803df  2010.1/x86_64/lib64png3-1.2.43-1.3mdv2010.2.x86_64.rpm
 eed384ae359919c39c1ca442d0c303ba  2010.1/x86_64/lib64png-devel-1.2.43-1.3mdv2010.2.x86_64.rpm
 d10fafba157200fb9ddbade65ecc8d6d  2010.1/x86_64/lib64png-static-devel-1.2.43-1.3mdv2010.2.x86_64.rpm
 40f7967c617dc26e3e9e9cf6963ebcd0  2010.1/x86_64/libpng-source-1.2.43-1.3mdv2010.2.x86_64.rpm 
 17738e1f426097875b5682cba8f16415  2010.1/SRPMS/libpng-1.2.43-1.3mdv2010.2.src.rpm

 Mandriva Linux 2011:
 bd9413334a6960530e994f48d515b5e2  2011/i586/libpng3-1.2.46-1.1-mdv2011.0.i586.rpm
 08624bc6f3f185c91c20a5c11a37f7b5  2011/i586/libpng-devel-1.2.46-1.1-mdv2011.0.i586.rpm
 367296b0f78af677e2b8ca3e97a10375  2011/i586/libpng-source-1.2.46-1.1-mdv2011.0.i586.rpm
 ba795279eb1e7d3d1c7d6733ac1613f0  2011/i586/libpng-static-devel-1.2.46-1.1-mdv2011.0.i586.rpm 
 d9d76f9711fe8c91808550398c6fadb3  2011/SRPMS/libpng-1.2.46-1.1.src.rpm

 Mandriva Linux 2011/X86_64:
 48f1307f1927a8136765c2b1c93e5e84  2011/x86_64/lib64png3-1.2.46-1.1-mdv2011.0.x86_64.rpm
 60da8adfff64b0b0c505eacc211b8c7c  2011/x86_64/lib64png-devel-1.2.46-1.1-mdv2011.0.x86_64.rpm
 9cf527b249680266e28d7fad6cb9840f  2011/x86_64/lib64png-static-devel-1.2.46-1.1-mdv2011.0.x86_64.rpm
 dc3b6304233dcd785178f26e6cae0916  2011/x86_64/libpng-source-1.2.46-1.1-mdv2011.0.x86_64.rpm 
 d9d76f9711fe8c91808550398c6fadb3  2011/SRPMS/libpng-1.2.46-1.1.src.rpm

 Mandriva Enterprise Server 5:
 bd2f9ef883d4c7c650092136604c93d6  mes5/i586/libpng3-1.2.31-2.5mdvmes5.2.i586.rpm
 03a50f86d3bec91252f194851ce97d37  mes5/i586/libpng-devel-1.2.31-2.5mdvmes5.2.i586.rpm
 f7dab6addec1e0961fd09ac145923b4d  mes5/i586/libpng-source-1.2.31-2.5mdvmes5.2.i586.rpm
 170753445a4511900ea260a65a27fc21  mes5/i586/libpng-static-devel-1.2.31-2.5mdvmes5.2.i586.rpm 
 fe12ec7437628c735fb4e52a814d79b7  mes5/SRPMS/libpng-1.2.31-2.5mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 5c696961a091bcf67bc6715c96a14459  mes5/x86_64/lib64png3-1.2.31-2.5mdvmes5.2.x86_64.rpm
 88eea8de1c1e4e43498dbffabfedf96a  mes5/x86_64/lib64png-devel-1.2.31-2.5mdvmes5.2.x86_64.rpm
 011fcf8505018f3aa3cd4a08289b80ff  mes5/x86_64/lib64png-static-devel-1.2.31-2.5mdvmes5.2.x86_64.rpm
 1ba894529af1775bf39e41f1b7726dc4  mes5/x86_64/libpng-source-1.2.31-2.5mdvmes5.2.x86_64.rpm 
 fe12ec7437628c735fb4e52a814d79b7  mes5/SRPMS/libpng-1.2.31-2.5mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.