Your message dated Fri, 29 Jul 2011 08:09:35 +0000
with message-id <e1qmi8v-00017p...@franck.debian.org>
and subject line Bug#632786: fixed in libpng 1.2.44-1+squeeze1
has caused the Debian Bug report #632786,
regarding CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
632786: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632786
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libpng
Tags: security patch
Severity: critical
https://bugzilla.redhat.com/show_bug.cgi?id=717084
Vincent Danen 2011-06-27 18:34:45 EDT
It was reported [1] that the fix for CVE-2004-0421 in libpng was
inadvertently reverted during the 1.2.23 development cycle. The
original flaw could be used to cause a denial of service via a
carefully-crafted PNG image.
This would affect all versions of libpng >=1.2.23, including 1.4.x and
1.5.x.
[1] http://sourceforge.net/mailarchive/forum.php?thread_name=BANLkTikrnU6FJNQYFvwmt78hwpgKPVRd1Q%40mail.gmail.com&forum_name=png-mng-implement
Vincent Danen 2011-06-27 18:43:19 EDT
Upstream fix is here:
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=65e6d5a34f49acdb362a0625a706c6b914e670af
Huzaifa S. Sidhpurwala 2011-06-28 23:44:56 EDT
This has been assigned CVE-2011-2501:
http://www.openwall.com/lists/oss-security/2011/06/28/16
--- End Message ---
--- Begin Message ---
Source: libpng
Source-Version: 1.2.44-1+squeeze1
We believe that the bug you reported is fixed in the latest version of
libpng, which is due to be installed in the Debian FTP archive:
libpng12-0-udeb_1.2.44-1+squeeze1_amd64.udeb
to main/libp/libpng/libpng12-0-udeb_1.2.44-1+squeeze1_amd64.udeb
libpng12-0_1.2.44-1+squeeze1_amd64.deb
to main/libp/libpng/libpng12-0_1.2.44-1+squeeze1_amd64.deb
libpng12-dev_1.2.44-1+squeeze1_amd64.deb
to main/libp/libpng/libpng12-dev_1.2.44-1+squeeze1_amd64.deb
libpng3_1.2.44-1+squeeze1_all.deb
to main/libp/libpng/libpng3_1.2.44-1+squeeze1_all.deb
libpng_1.2.44-1+squeeze1.debian.tar.bz2
to main/libp/libpng/libpng_1.2.44-1+squeeze1.debian.tar.bz2
libpng_1.2.44-1+squeeze1.dsc
to main/libp/libpng/libpng_1.2.44-1+squeeze1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 632...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nobuhiro Iwamatsu <iwama...@debian.org> (supplier of updated libpng package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 15 Jul 2011 13:06:17 +0900
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source all amd64
Version: 1.2.44-1+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Anibal Monsalve Salazar <ani...@debian.org>
Changed-By: Nobuhiro Iwamatsu <iwama...@debian.org>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Closes: 632786 633871
Changes:
libpng (1.2.44-1+squeeze1) stable-security; urgency=high
.
* Apply upstream patch to 1-byte uninitialized memory reference in
png_format_buffer(). (Closes: #632786, CVE-2011-2501)
* Apply upstream patch to buffer overwrite in png_rgb_to_gray.
(Closes: #633871, CVE-2011-2690)
* Apply upstream patch to crash in png_default_error due to use of
NULL pointer. (Closes: #633871, CVE-2011-2691)
* Apply upstream patch to memory corruption when handling empty sCAL chunks.
(Closes: #633871, CVE-2011-2692)
Checksums-Sha1:
Checksums-Sha256:
Files:
Package-Type: udeb
--- End Message ---