Bug 216263
| Summary: | CVE-2006-5793: libpng10 < 1.0.21 DoS vulnerability | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ville Skyttä <ville.skytta> |
| Component: | libpng10 | Assignee: | Paul Howarth <paul> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6 | CC: | extras-qa, fedora-security-list, thorjansen |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | 1.0.21-1 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-11-26 06:53:26 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Ville Skyttä
2006-11-18 10:13:41 UTC
I have 1.0.21 packages prepared, but can't import and build yet due to the cvs outage. If anyone would like a preview, I have packages here: http://www.city-fan.org/~paul/extras/libpng10/ (no ppc packages as I don't have a ppc builder) Note that libpng10 is a Core package for all releases prior to FC6 (and presumably RHEL too) so separate bugs will need raising for those releases. http://www.fedoraproject.org/wiki/Extras/Schedule/SecurityAnnoucements has disappeared from the wiki, so is there a document somewhere stating how to prepare and send out a securiry announcement? 1.0.21-1 has built successfully for Rawhide and FC6, and should be released later today. A fix is still needed for FC5 and earlier releases of course. FC report is in bug 216706, and today's FE push is in progress. Looks like this has been fixed for a while now. |