Bug 566234 (CVE-2010-0205)
Summary: | CVE-2010-0205 libpng: excessive memory consumption due to highly compressed huge ancillary chunk | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | ddumas, hhorak, jlieskov, jrusnack, ohudlick, qe-baseos-apps, security-response-team, stransky | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2015-06-04 21:03:07 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 573763, 609917, 609918, 609919, 609921, 609922, 609926, 609928, 609929, 802165 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Vincent Danen
2010-02-17 16:33:27 UTC
This issue is public now and assigned the name CVE-2010-0205: https://www.kb.cert.org/vuls/id/576029 Created attachment 397627 [details]
patch for fixing extremely slow decompression of compressed chunks
libpng10-1.0.53-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/F13/FEDORA-2010-2988 libpng10-1.0.53-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/F12/FEDORA-2010-3375 libpng10-1.0.53-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/F11/FEDORA-2010-3414 libpng10-1.0.53-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/F12/FEDORA-2010-3375 Additional references: http://libpng.sourceforge.net/ADVISORY-1.4.1.html http://libpng.sourceforge.net/decompression_bombs.html The Mozilla applications (firefox, thunderbird, seamonkey, etc.) are using embedded libpng which makes them vulnerable to this issue, despite whether or not the system libpng is updated. Is there a particular reason why the Mozilla applications are using an embedded version of libpng? And can we make them use the system libpng at all? If not, we'll have to try the patch that Tom attached in the firefox and friends builds to make sure that the email/browser clients are patched as there is greater risk using those applications than other applications using libpng. libpng10-1.0.53-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. libpng-1.2.43-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/libpng-1.2.43-1.fc12 libpng-1.2.43-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/libpng-1.2.43-1.fc13 libpng-1.2.43-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/libpng-1.2.43-1.fc11 libpng10-1.0.53-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. libpng10-1.0.53-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. libpng-1.2.43-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. libpng-1.2.43-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. libpng-1.2.43-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0534 https://rhn.redhat.com/errata/RHSA-2010-0534.html Statement: (none) |