Back to bug 799000
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jan Lieskovsky | 2012-03-01 14:16:28 UTC | CC | tgl | |
| Jan Lieskovsky | 2012-03-01 14:18:21 UTC | Whiteboard | impact=low,public=20120401,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=new,fedora-all/libpng10=new fedora-all/libpng=affected | impact=low,public=no,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=new,fedora-all/libpng10=new,fedora-all/libpng=affected |
| Jan Lieskovsky | 2012-03-01 16:19:44 UTC | Blocks | 799043 | |
| Huzaifa S. Sidhpurwala | 2012-03-08 09:27:05 UTC | Summary | EMBARGOED libpng: Excessive CPU consumption and out-of-heap-based-buffer bounds read (crash) by expanding 'iccp, 'itxt', and 'ztxt' PNG chunks | EMBARGOED CVE-2011-3045 libpng: Excessive CPU consumption and out-of-heap-based-buffer bounds read (crash) by expanding 'iccp, 'itxt', and 'ztxt' PNG chunks |
| Alias | CVE-2011-3045 | |||
| Huzaifa S. Sidhpurwala | 2012-03-08 10:43:24 UTC | Summary | EMBARGOED CVE-2011-3045 libpng: Excessive CPU consumption and out-of-heap-based-buffer bounds read (crash) by expanding 'iccp, 'itxt', and 'ztxt' PNG chunks | CVE-2011-3045 libpng: Type-conversion flaw leading to OOB Read when certain expanding 'iccp, 'itxt', and 'ztxt' PNG chunks |
| Huzaifa S. Sidhpurwala | 2012-03-08 10:44:08 UTC | Group | security, qe_staff | |
| Whiteboard | impact=low,public=no,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=new,fedora-all/libpng10=new,fedora-all/libpng=affected | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=new,fedora-all/libpng10=new fedora-all/libpng=affected | ||
| Huzaifa S. Sidhpurwala | 2012-03-08 10:44:57 UTC | Priority | low | medium |
| Severity | low | medium | ||
| Huzaifa S. Sidhpurwala | 2012-03-08 10:48:50 UTC | Whiteboard | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=new,fedora-all/libpng10=new fedora-all/libpng=affected | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=affected,fedora-all/libpng10=affected fedora-all/libpng=affected |
| Huzaifa S. Sidhpurwala | 2012-03-08 10:56:57 UTC | Summary | CVE-2011-3045 libpng: Type-conversion flaw leading to OOB Read when certain expanding 'iccp, 'itxt', and 'ztxt' PNG chunks | CVE-2011-3045 libpng: Type-conversion flaw leading to heap-buffer overflow when certain expanding 'iccp, 'itxt', and 'ztxt' PNG chunks |
| Huzaifa S. Sidhpurwala | 2012-03-08 10:59:21 UTC | Summary | CVE-2011-3045 libpng: Type-conversion flaw leading to heap-buffer overflow when certain expanding 'iccp, 'itxt', and 'ztxt' PNG chunks | CVE-2011-3045 libpng: Type-conversion flaw leading to out-of-bounds read/write when expanding certain 'iccp, 'itxt', and 'ztxt' PNG chunks |
| Tomas Hoger | 2012-03-08 12:39:19 UTC | Summary | CVE-2011-3045 libpng: Type-conversion flaw leading to out-of-bounds read/write when expanding certain 'iccp, 'itxt', and 'ztxt' PNG chunks | CVE-2011-3045 libpng: buffer overflow in png_inflate caused by invalid type conversions |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:01:46 UTC | Depends On | 801661 | |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:02:02 UTC | Depends On | 801662 | |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:02:17 UTC | Depends On | 801663 | |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:02:29 UTC | Depends On | 801664 | |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:02:41 UTC | Depends On | 801665 | |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:02:50 UTC | Depends On | 801666 | |
| Huzaifa S. Sidhpurwala | 2012-03-09 06:02:59 UTC | Depends On | 801667 | |
| Huzaifa S. Sidhpurwala | 2012-03-16 06:48:02 UTC | Whiteboard | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=affected,fedora-all/libpng10=affected fedora-all/libpng=affected | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=affected,fedora-all/libpng10=affected fedora-all/libpng=affected |
| Iveta Wiedermann | 2012-03-19 12:08:50 UTC | CC | isenfeld | |
| Tomas Hoger | 2012-07-18 09:34:11 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2012-07-18 05:34:11 UTC | |||
| Vincent Danen | 2015-10-15 21:23:20 UTC | Whiteboard | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=affected,fedora-all/libpng10=affected,fedora-all/libpng=affected | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=notaffected,epel-6/libpng10=affected,fedora-all/libpng10=affected,fedora-all/libpng=affected |
| Ján Rusnačko | 2015-11-24 14:50:33 UTC | Whiteboard | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=notaffected,epel-6/libpng10=affected,fedora-all/libpng10=affected,fedora-all/libpng=affected | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=affected,fedora-all/libpng10=affected,fedora-all/libpng=affected |
| Product Security DevOps Team | 2019-09-29 12:50:57 UTC | Whiteboard | impact=moderate,public=20120308,reported=20120229,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/libpng10=wontfix,rhel-4/libpng=wontfix,rhel-5/libpng=affected,rhel-6/libpng=affected,epel-6/libpng10=affected,fedora-all/libpng10=affected,fedora-all/libpng=affected |
Back to bug 799000