The following issue has been SUBMITTED. ====================================================================== https://www.opencsw.org/mantis/view.php?id=5259 ====================================================================== Reported By: jubal Assigned To: ====================================================================== Project: libpng16_16 Issue ID: 5259 Category: Reproducibility: N/A Severity: major Priority: normal Status: new ====================================================================== Date Submitted: 2015-11-15 02:05 CET Last Modified: 2015-11-15 02:05 CET ====================================================================== Summary: Security -- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981 Description: Recent vulnerability in libpng - excerpt from their website:
"Virtually all libpng versions through 1.6.18, 1.5.23, 1.4.16, 1.2.53, and 1.0.63, respectively, have a potential out-of-bounds read in png_set_tIME()/png_convert_to_rfc1123() and an out-of-bounds write in png_get_PLTE()/png_set_PLTE(). At least the former vulnerability has been assigned ID CVE-2015-7981. Both are fixed in versions 1.6.19, 1.5.24, 1.4.17, 1.2.54, and 1.0.64, released on 12 November 2015." ======================================================================