-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-10954 2011-08-17 00:09:40 --------------------------------------------------------------------------------
Name : mingw32-libpng Product : Fedora 14 Version : 1.4.8 Release : 1.fc14 URL : http://www.libpng.org/pub/png/ Summary : MinGW Windows Libpng library Description : MinGW Windows Libpng library. -------------------------------------------------------------------------------- Update Information: Update to MinGW cross compiled libpng 1.4.8, includes fixes for CVE-2011-2690 and CVE-2011-2692. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 22 2011 Kalev Lember <[email protected]> - 1.4.8-1 - Update to 1.4.8 (CVE-2011-2690, CVE-2011-2692) * Wed Jun 29 2011 Richard W.M. Jones <[email protected]> - 1.4.3-2 - Include fix for CVE-2011-2501 (RHBZ#717510, RHBZ#717511). -------------------------------------------------------------------------------- References: [ 1 ] Bug #720607 - CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray https://bugzilla.redhat.com/show_bug.cgi?id=720607 [ 2 ] Bug #720612 - CVE-2011-2692 libpng: Invalid read when handling empty sCAL chunks https://bugzilla.redhat.com/show_bug.cgi?id=720612 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mingw32-libpng' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
