--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-237 2004-08-04 --------------------------------------------------------------------- Product : Fedora Core 1 Name : libpng Version : 1.2.5 Release : 7 Summary : A library of functions for manipulating PNG image format files. Description : The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. --------------------------------------------------------------------- Update Information: The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. During a source code audit, Chris Evans discovered several buffer overflows in libpng. An attacker could create a carefully crafted PNG file in such a way that it would cause an application linked with libpng to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0597 to these issues. In addition, this audit discovered a potential NULL pointer dereference in libpng (CAN-2004-0598) and several integer overflow issues (CAN-2004-0599). An attacker could create a carefully crafted PNG file in such a way that it would cause an application linked with libpng to crash when the file was opened by the victim. Red Hat would like to thank Chris Evans for discovering these issues. --------------------------------------------------------------------- * Fri Jul 23 2004 Matthias Clasen <mclasen@xxxxxxxxxx> 2:1.2.5-7 - Replace the patches for individual security problems with the cumulative patch issued by the png developers. * Tue Jun 15 2004 Elliot Lee <sopwith@xxxxxxxxxx> - rebuilt * Mon Jun 14 2004 Matthias Clasen <mclasen@xxxxxxxxxx> - 2:1.2.5-5 - Rebuild for FC2 * Mon Jun 14 2004 Matthias Clasen <mclasen@xxxxxxxxxx> - 2:1.2.5-4 - Rebuild for FC1 * Mon Jun 14 2004 Matthias Clasen <mclasen@xxxxxxxxxx> - 2:1.2.5-3 - Reinstate and improve the transfix patch which got lost sometime ago, but is still needed for CAN-2002-1363 (#125934) * Mon May 24 2004 Than Ngo <than@xxxxxxxxxx> 2:1.2.5-2 - add patch to link libm automatically - get rid of rpath * Wed May 19 2004 Matthias Clasen <mclasen@xxxxxxxxxx> 2:1.2.5-1 - 1.2.5 * Mon May 03 2004 Matthias Clasen <mclasen@xxxxxxxxxx> 2:1.2.2-22 - Redo the out-of-bounds fix in a slightly better way. * Wed Apr 21 2004 Matthias Clasen <mclasen@xxxxxxxxxx> - Bump release number to disambiguate n-v-rs. * Mon Apr 19 2004 Matthias Clasen <mclasen@xxxxxxxxxx> - fix a possible out-of-bounds read in the error message handler. #121229 * Tue Mar 02 2004 Elliot Lee <sopwith@xxxxxxxxxx> - rebuilt * Fri Feb 27 2004 Mark McLoughlin <markmc@xxxxxxxxxx> 2:1.2.2-19 - rebuild with changed bits/setjmp.h on ppc * Fri Feb 13 2004 Elliot Lee <sopwith@xxxxxxxxxx> - rebuilt * Wed Jun 04 2003 Elliot Lee <sopwith@xxxxxxxxxx> - rebuilt * Tue Jun 03 2003 Jeff Johnson <jbj@xxxxxxxxxx> - add explicit epoch's where needed. * Mon Feb 24 2003 Jonathan Blandford <jrb@xxxxxxxxxx> 2:1.2.2-15 - change pkg-config to use libdir instead of hardcoding /usr/lib * Mon Feb 24 2003 Elliot Lee <sopwith@xxxxxxxxxx> - rebuilt * Thu Feb 20 2003 Jonathan Blandford <jrb@xxxxxxxxxx> 2:1.2.2-12 - add Provides: libpng.so.3, #67007 * Fri Jan 24 2003 Jonathan Blandford <jrb@xxxxxxxxxx> - change requires to include the Epoch * Thu Jan 23 2003 Karsten Hopp <karsten@xxxxxxxxx> 2:1.2.2-11 - Bump & rebuild * Wed Jan 22 2003 Tim Powers <timp@xxxxxxxxxx> - rebuilt * Wed Jan 15 2003 Elliot Lee <sopwith@xxxxxxxxxx> 2:1.2.2-9 - Bump & rebuild * Thu Dec 12 2002 Tim Powers <timp@xxxxxxxxxx> 2:1.2.2-7 - merge changes in from -6hammer * Fri Jun 21 2002 Tim Powers <timp@xxxxxxxxxx> - automated rebuild * Thu May 23 2002 Tim Powers <timp@xxxxxxxxxx> - automated rebuild * Tue May 07 2002 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.2.2-4 - Don't own /usr/lib/pkgconfig - Don't strip library, that's up to rpm * Tue May 07 2002 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.2.2-3 - Forgot png.h * Mon May 06 2002 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.2.2-2 - Fix compatibility with everyone else. * Thu May 02 2002 Havoc Pennington <hp@xxxxxxxxxx> - 1.2.2 plus makefile patches tarball - update file list to contain versioned libpng only * Wed Jan 09 2002 Tim Powers <timp@xxxxxxxxxx> - automated rebuild * Mon Dec 17 2001 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.2.1-1 - 1.2.1 * Wed Sep 19 2001 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.2.0-1 - 1.2.0 * Mon Jul 16 2001 Trond Eivind Glomsrød <teg@xxxxxxxxxx> - s/Copyright/License/ - fix weird versioning system (epoch was set to "2" in the main package, serial to "1" in the devel package. Huh?) * Wed Jun 20 2001 Than Ngo <than@xxxxxxxxxx> 1.0.12-1 - update to 1.0.12 - add missing libpng symlink * Thu May 03 2001 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.0.11-2 - libpng-devel requires zlib-devel (since png.h includes zlib.h) (#38883) * Wed May 02 2001 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> 1.0.11-1 - 1.0.11 * Sun Apr 15 2001 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> - 1.0.10 * Tue Feb 06 2001 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> - 1.0.9, fixes Mozilla problems * Tue Dec 12 2000 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> - Rebuild to get rid of 0777 dirs * Wed Nov 15 2000 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> - Remove the workaround for Bug #20018 (from Oct 30). Qt 2.2.2 fixes the problem the workaround addressed. * Mon Oct 30 2000 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> - Work around a problem causing konqueror to segfault in image preview mode (Bug #20018) - Copy SuSE 7.0's patch to handle bad chunks * Sun Sep 03 2000 Florian La Roche <Florian.LaRoche@xxxxxxxxx> - only include the man5 man-pages once in the main rpm * Fri Jul 28 2000 Preston Brown <pbrown@xxxxxxxxxx> - upgrade to 1.0.8 - fixes small memory leak, other bugs * Thu Jul 13 2000 Prospector <bugzilla@xxxxxxxxxx> - automatic rebuild * Mon Jun 19 2000 Bernhard Rosenkraenzer <bero@xxxxxxxxxx> - patchlevel c - FHSify * Tue Mar 21 2000 Nalin Dahyabhai <nalin@xxxxxxxxxx> - update to 1.0.6 * Mon Mar 13 2000 Nalin Dahyabhai <nalin@xxxxxxxxxx> - change serial to Epoch to get dependencies working correctly * Fri Feb 11 2000 Nalin Dahyabhai <nalin@xxxxxxxxxx> - move buildroot and add URL * Sat Feb 05 2000 Bernhard Rosenkränzer <bero@xxxxxxxxxx> - strip library - rebuild to compress man pages * Sun Nov 21 1999 Bernhard Rosenkränzer <bero@xxxxxxxxxx> - 1.0.5 - some tweaks to spec file to make updating easier - handle RPM_OPT_FLAGS * Mon Sep 20 1999 Matt Wilson <msw@xxxxxxxxxx> - changed requires in libpng-devel to include serial - corrected typo * Sun Mar 21 1999 Cristian Gafton <gafton@xxxxxxxxxx> - auto rebuild in the new build environment (release 2) * Sun Feb 07 1999 Michael Johnson <johnsonm@xxxxxxxxxx> - rev to 1.0.3 * Thu Dec 17 1998 Cristian Gafton <gafton@xxxxxxxxxx> - build for 6.0 * Wed Sep 23 1998 Cristian Gafton <gafton@xxxxxxxxxx> - we are Serial: 1 now because we are reverting the 1.0.2 version from 5.2 beta to this prior one - install man pages; set defattr defaults * Thu May 07 1998 Prospector System <bugs@xxxxxxxxxx> - translations modified for de, fr, tr * Thu Apr 30 1998 Cristian Gafton <gafton@xxxxxxxxxx> - devel subpackage moved to Development/Libraries * Wed Apr 08 1998 Cristian Gafton <gafton@xxxxxxxxxx> - upgraded to 1.0.1 - added buildroot * Tue Oct 14 1997 Donnie Barnes <djb@xxxxxxxxxx> - updated to new version - spec file cleanups * Thu Jul 10 1997 Erik Troan <ewt@xxxxxxxxxx> - built against glibc --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/ ddfaeadf308bfc528f769bee9b8af3e4 SRPMS/libpng-1.2.5-7.src.rpm 79d2c07cc01280b88df13a2846d28376 x86_64/libpng-1.2.5-7.x86_64.rpm 4bbf88bfefecfeeb99a70a50201d2804 x86_64/libpng-devel-1.2.5-7.x86_64.rpm fa4ad0f9b024f15f7f79012f31914ce3 x86_64/debug/libpng-debuginfo-1.2.5-7.x86_64.rpm 81fcd51814f7d428eb8898a635412896 x86_64/libpng-1.2.5-7.i386.rpm 81fcd51814f7d428eb8898a635412896 i386/libpng-1.2.5-7.i386.rpm c618312ab7b8a520a92aa8c56048f0a8 i386/libpng-devel-1.2.5-7.i386.rpm 99d64e601f653ad889452841efa883f5 i386/debug/libpng-debuginfo-1.2.5-7.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------