Source: libpng Version: 1.2.15~beta5-1 Severity: normal Tags: security
Hi, The following CVE (Common Vulnerabilities & Exposures) id was published for horde3. CVE-2008-5907[1]: > The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and > 1.2.x before 1.2.34, might allow context-dependent attackers to set the > value of an arbitrary memory location to zero via vectors involving > creation of crafted PNG files with keywords, related to an implicit cast of > the '\0' character constant to a NULL pointer. NOTE: some sources > incorrectly report this as a double free vulnerability. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5907 http://security-tracker.debian.net/tracker/CVE-2008-5907 Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
