Information on source package optipng

Available versions

wheezy (security)0.6.4-1+deb7u4
jessie (security)0.7.5-1+deb8u2
stretch (security)0.7.6-1+deb9u1

Open unimportant issues

CVE-2015-7802vulnerablevulnerablefixedfixedfixedgifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote ...

Resolved issues

CVE-2017-16938A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to ...
CVE-2017-1000229Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...
CVE-2016-3982Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in ...
CVE-2016-3981Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c ...
CVE-2016-2191The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before ...
CVE-2015-7801Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers ...
CVE-2012-4432Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x ...
CVE-2009-0749Use-after-free vulnerability in the GIFReadNextExtension function in ...
CVE-2008-5101Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows ...

Security announcements

DSA / DLADescription
DSA-4058-1optipng - security update
DSA-4058-1optipng - security update
DLA-1196-1optipng - security update
DLA-1184-1optipng - security update
DSA-3546-1optipng - security update
DSA-3546-1optipng - security update
DLA-332-1optipng - security update

Search for package or bug name: Reporting problems