libpng
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A collection of routines used to create PNG format graphics files |
| Version | 1.6.43-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-868 | 1.6.36-1 | 1.6.37-1 | Low | Fixed | |
| AVG-119 | 1.6.26-2 | 1.6.27-1 | Low | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-7317 | AVG-868 | Low | No | Denial of service | png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute. |
| CVE-2016-10087 | AVG-119 | Low | Yes | Denial of service | A NULL-pointer dereference issue has been found in png_set_text_2() in libpng. To be vulnerable, an application has to load a text chunk into the png... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 24 Apr 2019 | ASA-201904-10 | AVG-868 | Low | denial of service |
| 01 Jan 2017 | ASA-201701-2 | AVG-119 | Low | denial of service |