Several versions of libpng through 1.4.2 (and through 1.2.43 in the older series) contain a bug whereby progressive applications such as web browsers (or the rpng2 demo app included in libpng) could receive an extra row of image data beyond the height reported in the header, potentially leading to an out-of-bounds write to memory (depending on how the application is written) and the possibility of execution of an attacker's code with the privileges of the libpng user (including remote compromise in the case of a libpng-based browser visiting a hostile web site). This vulnerability has been assigned ID CVE-2010-1205 (via Mozilla). An additional memory-leak bug, involving images with malformed sCAL chunks, is also present; it could lead to an application crash (denial of service) when viewing such images.

http://www.libpng.org/pub/png/libpng.html

CVE-2010-1205

Fix: The API changes in 1.4.3 seem backward compatible. Old xv and gqview binaries tested successfully with new shared lib. The dither function has been enabled in the port 1.4.1_1, because a few ports still use this API. In 1.4.3 the API is back with a new name. Old knews binary tested successfully with new shared lib.

Impact: Packages should be rebuilt to record the new dependency. Please have an exp run to see if there is any breakage. Please approve the patch below.

How-To-Repeat: Update needs approval from portmgr@
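
The description says the extra row becomes an out-of-bounds write "depending on how the application is written". The C code below is an added example, not code from libpng, the port, or this PR; it does not link against libpng, and `image_sink`, `sink_store_row` and `demo_extra_row` are hypothetical names standing in for an application's progressive row handler that checks the row number against the header height before copying.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical application-side image buffer, sized from the header. */
typedef struct {
    uint8_t *pixels;    /* height * rowbytes bytes */
    uint32_t height;    /* rows announced in the image header */
    size_t   rowbytes;  /* bytes per decoded row */
    unsigned rejected;  /* rows refused because they fell outside the image */
} image_sink;

/* Hypothetical row handler: what a progressive decoder's per-row callback
 * would delegate to. Returns 0 if the row was stored, -1 if refused. */
int sink_store_row(image_sink *s, const uint8_t *row, uint32_t row_num)
{
    if (s == NULL || s->pixels == NULL || row == NULL)
        return -1;
    /* Do not rely on the decoder to stop at the announced height. */
    if (row_num >= s->height) {
        s->rejected++;
        return -1;
    }
    memcpy(s->pixels + (size_t)row_num * s->rowbytes, row, s->rowbytes);
    return 0;
}

/* Constructed scenario: the header announces 2 rows, the decoder delivers 3.
 * Returns the number of refused rows, or -1 if memory past the image changed. */
int demo_extra_row(void)
{
    enum { H = 2, RB = 4 };
    uint8_t buf[H * RB + RB];                 /* image followed by a canary */
    uint8_t row[RB] = { 0xAA, 0xAA, 0xAA, 0xAA };
    image_sink s = { buf, H, RB, 0 };

    memset(buf, 0, H * RB);
    memset(buf + H * RB, 0x5C, RB);           /* canary bytes after the image */
    for (uint32_t r = 0; r < 3; r++)          /* row 2 is the extra row */
        sink_store_row(&s, row, r);
    for (size_t i = 0; i < RB; i++)
        if (buf[H * RB + i] != 0x5C)
            return -1;
    return (int)s.rejected;
}

int main(void) { return demo_extra_row() == 1 ? 0 : 1; }
```

Without the `row_num >= s->height` test, the third call would copy the row over the canary bytes that follow the image buffer.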
Class Changed From-To: maintainer-update->change-request Fix category (submitter is not maintainer) (via the GNATS Auto Assign Tool)
Responsible Changed From-To: freebsd-ports-bugs->dinoex Over to maintainer (via the GNATS Auto Assign Tool)
Responsible Changed From-To: dinoex->portmgr over for review and approval
Class Changed From-To: change-request->maintainer-update Note that this is a maintainer update. While I'm there tag it as [security] as this is a rather critical issue.
State Changed From-To: open->closed
Responsible Changed From-To: portmgr->dinoex Looks good -- I have just committed it, to cut down on time the port is still forbidden. Hope you don't mind.
pav 2010-06-29 13:14:53 UTC

FreeBSD ports repository

Modified files:
  graphics/png Makefile distinfo
  graphics/png/files patch-libpng.pc.in
Removed files:
  graphics/png/files patch-pngconf.h

Log:
- Update to 1.4.3

PR: ports/148214
Submitted by: dinoex (maintainer)
Approved by: portmgr
Security: CVE-2010-1205
Feature safe: yes

Revision  Changes  Path
1.111  +1 -4  ports/graphics/png/Makefile
1.56  +6 -6  ports/graphics/png/distinfo
1.5  +1 -1  ports/graphics/png/files/patch-libpng.pc.in
1.2  +0 -11  ports/graphics/png/files/patch-pngconf.h (dead)