Information on source package optipng

Available versions

ReleaseVersion
wheezy (security)0.6.4-1+deb7u2
jessie (security)0.7.5-1+deb8u1
stretch0.7.6-1
buster0.7.6-1
sid0.7.6-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-1000229vulnerablevulnerablevulnerablevulnerablevulnerableInteger overflow bug in function minitiff_read_info() of optipng 0.7.6 ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2015-7802vulnerablevulnerablefixedfixedfixedgifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote ...

Resolved issues

BugDescription
CVE-2016-3982Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in ...
CVE-2016-3981Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c ...
CVE-2016-2191The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before ...
CVE-2015-7801Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers ...
CVE-2012-4432Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x ...
CVE-2009-0749Use-after-free vulnerability in the GIFReadNextExtension function in ...
CVE-2008-5101Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows ...

Security announcements

DSA / DLADescription
DSA-3546-1optipng - security update
DSA-3546-1optipng - security update
DLA-332-1optipng - security update

Search for package or bug name: Reporting problems