Several versions of libpng through 1.4.2 (and through 1.2.43 in the older
series) contain a bug whereby progressive applications such as web browsers
(or the rpng2 demo app included in libpng) could receive an extra row of
image data beyond the height reported in the header, potentially leading
to an out-of-bounds write to memory (depending on how the application is
written) and the possibility of execution of an attacker's code with the
privileges of the libpng user (including remote compromise in the case of
a libpng-based browser visiting a hostile web site). This vulnerability
has been assigned ID CVE-2010-1205 (via Mozilla).
An additional memory-leak bug, involving images with malformed sCAL chunks,
is also present; it could lead to an application crash (denial of service)
when viewing such images.
Fix: The API changes in 1.4.3 seem backward compatible.
Old xv and gqview binaries tested successfully with new shared lib.
The dither function has been enabled in the port 1.4.1_1,
because a few ports still use this API.
In 1.4.3 the API is back with a new name.
Old knews binary tested successfully with new shared lib.
Impact: Packages should be rebuilt to record the new dependency.
Please have an exp run to see if there is any breakage.
Please approve the patch below.
Update needs approval from portmgr@
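The extra-row condition described in the advisory above, seen from the application side: an added example (not libpng's, rpng2's or the port's own code) of a progressive-reader row sink that checks the row index against the IHDR height and the row length against the buffer stride before writing, so a library handing over one row too many is rejected instead of overrunning the pixel buffer. The struct and function names are assumptions.

```c
/* Added example, not libpng code: a defensively written row sink for a
 * progressive PNG reader.  The bug in the advisory could deliver one more
 * row than the header height promised; an application that indexes its
 * pixel buffer by row number without checking would then write past the
 * end of the buffer.  Validating the row index and length here keeps that
 * from becoming an out-of-bounds write even when the library misbehaves. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct row_sink {
    uint32_t width;       /* IHDR width in pixels */
    uint32_t height;      /* IHDR height in rows */
    size_t   rowbytes;    /* bytes per row as laid out in buf */
    uint8_t *buf;         /* height * rowbytes bytes, owned by the caller */
    uint32_t rows_stored; /* number of rows accepted so far */
};

/* Store one decoded row.  Returns 0 when the row was written, -1 when it
 * was rejected (bad arguments, row beyond the header height, or a row
 * length that does not match the buffer stride). */
int sink_accept_row(struct row_sink *s, uint32_t row_num,
                    const uint8_t *data, size_t len)
{
    if (s == NULL || s->buf == NULL || data == NULL)
        return -1;
    /* The extra-row case: the library reports a row the header never
     * announced.  Refuse it rather than index past the buffer. */
    if (row_num >= s->height)
        return -1;
    /* A row longer than the stride would also overrun the buffer. */
    if (len != s->rowbytes)
        return -1;
    memcpy(s->buf + (size_t)row_num * s->rowbytes, data, len);
    s->rows_stored++;
    return 0;
}
```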
Fix category (submitter is not maintainer) (via the GNATS Auto Assign Tool)
Over to maintainer (via the GNATS Auto Assign Tool)
over for review and approval
Note that this is a maintainer update. While I'm there, tag
it as [security] as this is a rather critical issue.
Looks good -- I have just committed it; to cut down on time the port is still
forbidden. Hope you don't mind.
pav 2010-06-29 13:14:53 UTC
FreeBSD ports repository
graphics/png Makefile distinfo
- Update to 1.4.3
Submitted by: dinoex (maintainer)
Approved by: portmgr
Feature safe: yes
Revision Changes Path
1.111 +1 -4 ports/graphics/png/Makefile
1.56 +6 -6 ports/graphics/png/distinfo
1.5 +1 -1 ports/graphics/png/files/patch-libpng.pc.in
1.2 +0 -11 ports/graphics/png/files/patch-pngconf.h (dead)