AVG-868

Package libpng
Status Fixed
Severity Low
Type denial of service
Affected 1.6.36-1
Fixed 1.6.36-2
Current 1.6.37-1 [extra]
Ticket None
Created Wed Feb 6 12:27:30 2019
Advisory Pending
Issue Severity Remote Type Description
CVE-2019-7317 Low No Denial of service
png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute.