Package: libpng Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for libpng.
CVE-2008-1382[0]: | libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 | through 1.4.0beta19 allows context-dependent attackers to cause a | denial of service (crash) and possibly execute arbitrary code via a | PNG file with zero length "unknown" chunks, which trigger an access of | uninitialized memory. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 http://security-tracker.debian.net/tracker/CVE-2008-1382 -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpm9i3naukOI.pgp
Description: PGP signature
