Information on source package libpng

Available versions

ReleaseVersion
jessie1.2.50-2+deb8u3
jessie (security)1.2.50-2+deb8u2

Open unimportant issues

BugjessieDescription
CVE-2019-6129vulnerablepng_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...
CVE-2018-14550vulnerablestack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token()
CVE-2018-14048vulnerableAn issue has been found in libpng 1.6.34. It is a SEGV in the function ...

Resolved issues

BugDescription
CVE-2016-10087The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before ...
CVE-2015-8540Integer underflow in the png_check_keyword function in pngwutil.c in l ...
CVE-2015-8472Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, ...
CVE-2015-8126Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE ...
CVE-2015-7981The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1. ...
CVE-2015-0973Buffer overflow in the png_read_IDAT_data function in pngrutil.c in li ...
CVE-2014-9495Heap-based buffer overflow in the png_combine_row function in libpng b ...
CVE-2014-0333The png_push_read_chunk function in pngpread.c in the progressive deco ...
CVE-2013-7354Multiple integer overflows in libpng before 1.5.14rc03 allow remote at ...
CVE-2013-7353Integer overflow in the png_set_unknown_chunks function in libpng/pngs ...
CVE-2013-6954The png_do_expand_palette function in libpng before 1.6.8 allows remot ...
CVE-2012-3425The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1 ...
CVE-2011-3464Off-by-one error in the png_formatted_warning function in pngerror.c i ...
CVE-2011-3328The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color ...
CVE-2011-3048The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, ...
CVE-2011-3045Integer signedness error in the png_inflate function in pngrutil.c in ...
CVE-2011-3026Integer overflow in libpng, as used in Google Chrome before 17.0.963.5 ...
CVE-2011-2692The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0. ...
CVE-2011-2691The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2. ...
CVE-2011-2690Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1. ...
CVE-2011-2501The png_format_buffer function in pngerror.c in libpng 1.0.x before 1. ...
CVE-2011-0408pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cau ...
CVE-2010-2249Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1. ...
CVE-2010-1205Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before ...
CVE-2010-0205The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before ...
CVE-2009-5063Memory leak in the embedded_profile_len function in pngwutil.c in libp ...
CVE-2009-2042libpng before 1.2.37 does not properly parse 1-bit interlaced images w ...
CVE-2009-0040The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before ...
CVE-2008-6218Memory leak in the png_handle_tEXt function in pngrutil.c in libpng be ...
CVE-2008-5907The png_check_keyword function in pngwutil.c in libpng before 1.0.42, ...
CVE-2008-3964Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 befo ...
CVE-2008-1382libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 thr ...
CVE-2007-5269Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 ...
CVE-2007-5268pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) log ...
CVE-2007-5267Off-by-one error in ICC profile chunk handling in the png_set_iCCP fun ...
CVE-2007-5266Off-by-one error in ICC profile chunk handling in the png_set_iCCP fun ...
CVE-2007-2445The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and ...
CVE-2006-7244Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions be ...
CVE-2006-5793The sPLT chunk handling code (png_set_sPLT function in pngset.c) in li ...
CVE-2006-3334Buffer overflow in the png_decompress_chunk function in pngrutil.c in ...
CVE-2006-0481Heap-based buffer overflow in the alpha strip capability in libpng 1.2 ...
CVE-2004-0768libpng 1.2.5 and earlier does not properly calculate certain buffer of ...
CVE-2004-0599Multiple integer overflows in the (1) png_read_png in pngread.c or (2) ...
CVE-2004-0598The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote ...
CVE-2004-0597Multiple buffer overflows in libpng 1.2.5 and earlier, as used in mult ...
CVE-2004-0421The Portable Network Graphics library (libpng) 1.0.15 and earlier allo ...
CVE-2002-1363Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does ...
CVE-2002-0728Buffer overflow in the progressive reader for libpng 1.2.x before 1.2. ...
CVE-2002-0660Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody ...

Security announcements

DSA / DLADescription
DSA-3443-1libpng - security update
DSA-3443-1libpng - security update
DLA-375-1libpng - security update
DSA-3399-1libpng - security update
DSA-3399-1libpng - security update
DLA-343-1libpng - security update
DSA-2446-1libpng - incorrect memory handling
DSA-2439-1libpng - buffer overflow
DSA-2410-1libpng - integer overflow
DSA-2287-1libpng - several vulnerabilities
DSA-2287-1libpng - several vulnerabilities
DSA-2072-1libpng - several vulnerabilities
DSA-2032-1libpng - several vulnerabilities
DSA-1750-1libpng - several vulnerabilities
DSA-1750-1libpng - several vulnerabilities
DSA-570-1libpng - integer overflow
DSA-536libpng - several vulnerabilities
DSA-498libpng - out of bound access
DSA-213libpng - buffer overflow
DSA-140libpng - buffer overflow

Search for package or bug name: Reporting problems