From fc637fb28da700da71ec2064d65ca5a7a31b9c6c Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 18 Aug 2019 18:16:17 +0100 Subject: gentoo resync : 18.08.2019 --- metadata/glsa/glsa-201908-02.xml | 54 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 metadata/glsa/glsa-201908-02.xml (limited to 'metadata/glsa/glsa-201908-02.xml') diff --git a/metadata/glsa/glsa-201908-02.xml b/metadata/glsa/glsa-201908-02.xml new file mode 100644 index 000000000000..0c73ede6a3c9 --- /dev/null +++ b/metadata/glsa/glsa-201908-02.xml @@ -0,0 +1,54 @@ + + + + libpng: Multiple vulnerabilities + Multiple vulnerabilities have been found in libpng, the worst of + which could result in a Denial of Service condition. + + libpng + 2019-08-03 + 2019-08-03 + 683366 + remote + + + 1.6.37 + 1.6.37 + + + +

libpng is a standard library used to process PNG (Portable Network + Graphics) images. It is used by several programs, including web browsers + and potentially server processes. +

+ + +

Multiple vulnerabilities have been discovered in libpng. Please review + the CVE identifiers referenced below for details. +

+ + +

A remote attacker, by enticing a user to process a specially crafted PNG + file, could cause a Denial of Service condition. +

+ + +

There is no known workaround at this time.

+ + +

All libpng users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.6.37" + + + + + CVE-2018-14048 + CVE-2018-14550 + CVE-2019-7317 + + BlueKnight + b-man + -- cgit v1.2.3