#2836 closed task (fixed)
libpng-1.2.35
| Reported by: | Randy McMurchy | Owned by: | Randy McMurchy |
|---|---|---|---|
| Priority: | high | Milestone: | |
| Component: | BOOK | Version: | SVN |
| Severity: | major | Keywords: | |
| Cc: |
Description
Version increment to 1.2.35
The changes in this release are as follows: This release fixes a newly discovered vulnerability in which some arrays of pointers are not initialized prior to using malloc to define the pointers. If the application runs out of memory while executing the allocation loop (which can be forced by malevolent input), libpng will jump to a cleanup process that attempts to free all of the pointers, including the undefined ones.
Release focus: 9 - Major security fixes
Change History (3)
comment:1 by , 15 years ago
| Status: | new → assigned |
|---|
comment:2 by , 15 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Updated BLFS to libpng-1.2.35