Your message dated Sat, 21 Feb 2026 19:47:55 +0000
with message-id <[email protected]>
and subject line Bug#1125444: fixed in libpng1.6 1.6.48-1+deb13u2
has caused the Debian Bug report #1125444,
regarding libpng1.6: CVE-2026-22801: Integer truncation causing heap buffer over-read in png_image_write_*
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1125444: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125444
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libpng1.6
Version: 1.6.53-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: found -1 1.6.26-1
Hi,
The following vulnerability was published for libpng1.6.
CVE-2026-22801[0]:
| LIBPNG is a reference library for use in applications that read,
| create, and manipulate PNG (Portable Network Graphics) raster image
| files. From 1.6.26 to 1.6.53, an integer truncation in the libpng
| simplified write API functions png_write_image_16bit and
| png_write_image_8bit causes heap buffer over-read when the caller
| provides a negative row stride (for bottom-up image layouts) or a
| stride exceeding 65535 bytes. The bug was introduced in libpng
| 1.6.26 (October 2016) by casts added to silence compiler warnings on
| 16-bit systems. This vulnerability is fixed in 1.6.54.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-22801
https://www.cve.org/CVERecord?id=CVE-2026-22801
[1] https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8
Regards,
Salvatore
--- End Message ---
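The bug class in the report above (a row stride narrowed to 16 bits before it is multiplied into a pointer offset, so that a negative stride or one above 65535 bytes addresses memory outside the caller's buffer), shown as an added C example. This is not code from the mail or from libpng's source: the struct, the function names (image_layout, row_offset_truncated, row_offset_wide, layout_is_safe, check_layout) and the sample buffer sizes are assumptions made for illustration. It contrasts the truncating arithmetic with the pointer-width form and adds a caller-side check that rejects any layout whose rows would fall outside the owned buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical description of a caller-supplied pixel buffer, modelled on
 * the simplified-API shape the CVE text describes (a row-0 pointer plus a
 * signed stride). This struct and every function below are invented for
 * this example; they are not libpng's. */
typedef struct {
    size_t    buffer_size;  /* bytes the caller actually owns */
    uint32_t  height;       /* rows the library will visit */
    size_t    row_bytes;    /* bytes of pixel data per row */
    ptrdiff_t row_stride;   /* bytes between rows; negative = bottom-up */
} image_layout;

/* Offset of row y from the row-0 pointer when the stride is first narrowed
 * to 16 bits. This reproduces the class of mistake the CVE text attributes
 * to a warning-silencing cast: a negative stride turns into a large
 * positive one, and a stride above 65535 wraps to a small one. */
ptrdiff_t row_offset_truncated(ptrdiff_t stride, uint32_t y)
{
    uint16_t narrow = (uint16_t)stride;   /* sign and high bits discarded */
    return (ptrdiff_t)narrow * (ptrdiff_t)y;
}

/* Same computation kept at pointer width: negative strides walk backwards
 * as intended and strides above 65535 are preserved. */
ptrdiff_t row_offset_wide(ptrdiff_t stride, uint32_t y)
{
    return stride * (ptrdiff_t)y;
}

/* Caller-side check before handing a buffer to any row-oriented writer:
 * every row [row0 + y*stride, row0 + y*stride + row_bytes) must lie inside
 * the owned buffer. row0_offset is where row 0 sits in the buffer; for a
 * bottom-up layout that is the last row, (height-1)*|stride|.
 * Returns 1 when safe, 0 otherwise. */
int layout_is_safe(const image_layout *img, size_t row0_offset)
{
    if (img->height == 0 || img->row_bytes == 0)
        return 0;
    if (row0_offset > img->buffer_size)
        return 0;
    ptrdiff_t abs_stride = img->row_stride < 0 ? -img->row_stride : img->row_stride;
    if ((size_t)abs_stride < img->row_bytes)     /* rows would overlap */
        return 0;
    if (abs_stride > PTRDIFF_MAX / (ptrdiff_t)img->height)  /* y*stride overflow */
        return 0;
    for (uint32_t y = 0; y < img->height; y++) {
        ptrdiff_t off = (ptrdiff_t)row0_offset + row_offset_wide(img->row_stride, y);
        if (off < 0)                                /* walked off the front */
            return 0;
        if ((size_t)off > img->buffer_size ||
            img->buffer_size - (size_t)off < img->row_bytes)  /* past the end */
            return 0;
    }
    return 1;
}

/* Convenience wrapper so a layout can be checked in one call. */
int check_layout(size_t buffer_size, uint32_t height, size_t row_bytes,
                 ptrdiff_t stride, size_t row0_offset)
{
    image_layout img = { buffer_size, height, row_bytes, stride };
    return layout_is_safe(&img, row0_offset);
}

int main(void)
{
    /* Constructed inputs: a 4-row, 16-byte-wide image in a 64-byte buffer. */
    printf("stride -16, row 1: truncated=%td wide=%td\n",
           row_offset_truncated(-16, 1), row_offset_wide(-16, 1));
    printf("stride 70000, row 1: truncated=%td wide=%td\n",
           row_offset_truncated(70000, 1), row_offset_wide(70000, 1));
    printf("top-down safe:  %d\n", check_layout(64, 4, 16, 16, 0));
    printf("bottom-up safe: %d\n", check_layout(64, 4, 16, -16, 48));
    printf("bottom-up from row 0 (under-read): %d\n", check_layout(64, 4, 16, -16, 0));
    printf("stride 70000 in 64-byte buffer:    %d\n", check_layout(64, 4, 16, 70000, 0));
    return 0;
}
```

The check runs entirely on offsets, so it can sit in the application before any library call; it is the caller's complement to the upstream fix, not a substitute for updating to a patched libpng.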
--- Begin Message ---
Source: libpng1.6
Source-Version: 1.6.48-1+deb13u2
Done: Tobias Frost <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libpng1.6, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tobias Frost <[email protected]> (supplier of updated libpng1.6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 24 Jan 2026 09:32:42 +0100
Source: libpng1.6
Architecture: source
Version: 1.6.48-1+deb13u2
Distribution: trixie
Urgency: medium
Maintainer: Maintainers of libpng1.6 packages <[email protected]>
Changed-By: Tobias Frost <[email protected]>
Closes: 1125443 1125444
Changes:
libpng1.6 (1.6.48-1+deb13u2) trixie; urgency=medium
.
* Backporting fixes from 1.6.54 for stable:
- CVE-2026-22801 - Heap buffer over-read (Closes: #1125444)
- CVE-2026-22695 - Heap buffer over-read (Closes: #1125443)
Checksums-Sha1:
c8959d319b9da00d3171910a24009ff1dd3e4c9a 2305 libpng1.6_1.6.48-1+deb13u2.dsc
4a0d9412d92e7052f187ba3287875b0220466306 1572923 libpng1.6_1.6.48.orig.tar.gz
91d08fb71012bf246784905efcdd01b9d7d7be95 41492 libpng1.6_1.6.48-1+deb13u2.debian.tar.xz
df0778cf0edb915e7ef81771307a69fcfb0623d5 7453 libpng1.6_1.6.48-1+deb13u2_source.buildinfo
Checksums-Sha256:
abd2e997805e0124e62b8150fa1624a663cdef2a44a59474b3d7f5f7052f3846 2305 libpng1.6_1.6.48-1+deb13u2.dsc
b17e99026055727e8cba99160c3a9a7f9af788e9f786daeadded5a42243f1dd0 1572923 libpng1.6_1.6.48.orig.tar.gz
f259d39054b1015cab39f2619885369018a683257a9cc58ad8124b6b988e94fe 41492 libpng1.6_1.6.48-1+deb13u2.debian.tar.xz
e8bc306822ed25a30bde4f84052834120655db7de13d76b2deb3d14a7dbb0ce8 7453 libpng1.6_1.6.48-1+deb13u2_source.buildinfo
Files:
9384d959bc74402e1bf72be424fdf986 2305 libs optional libpng1.6_1.6.48-1+deb13u2.dsc
be6cc9e411c26115db3b9eab1159a1d9 1572923 libs optional libpng1.6_1.6.48.orig.tar.gz
c354592c4effdc85fb8a966fb135e786 41492 libs optional libpng1.6_1.6.48-1+deb13u2.debian.tar.xz
41245a750bd8e516962d3b24b7cd66b2 7453 libs optional libpng1.6_1.6.48-1+deb13u2_source.buildinfo
--- End Message ---