Package: libpng
Severity: grave
Justification: user security hole

As seen on http://www.securityfocus.com/bid/16626, there is a buffer overflow.
Red Hat have a patch available at: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179455

However, SecurityFocus lists versions 1.0.16, 1.0.17, 1.2.6, and 1.2.7 as vulnerable, but I see we've got higher versions in sarge. But I'm unsure if 1.2.8rel-1 is a pre-release version of 1.2.8, and hence whether it will have this fix or not.