Severity Low
Remote Yes
Type Denial of service
A NULL-pointer dereference issue has been found in png_set_text_2() in libpng. To be vulnerable, an application has to load a text chunk into the png structure, then delete all text, then add another text chunk to the same png structure.
Group Package Affected Fixed Severity Status Ticket
AVG-122 libpng12 1.2.56-4 1.2.57-1 Low Fixed
AVG-121 lib32-libpng12 1.2.56-4 1.2.57-1 Low Fixed
AVG-120 lib32-libpng 1.6.26-1 1.6.27-1 Low Fixed
AVG-119 libpng 1.6.26-2 1.6.27-1 Low Fixed
Date Advisory Group Package Severity Description
02 Jan 2017 ASA-201701-6 AVG-121 lib32-libpng12 Low denial of service
02 Jan 2017 ASA-201701-5 AVG-120 lib32-libpng Low denial of service
02 Jan 2017 ASA-201701-4 AVG-122 libpng12 Low denial of service
01 Jan 2017 ASA-201701-2 AVG-119 libpng Low denial of service
Fixed in 1.6.27 and 1.2.57 (libpng16) (libpng12)