Bug 790737 (CVE-2011-3026)
| Summary: | CVE-2011-3026 libpng: Heap buffer overflow in png_decompress_chunk (MFSA 2012-11) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Huzaifa S. Sidhpurwala <huzaifas> | ||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
| Status: | CLOSED ERRATA | QA Contact: | |||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | unspecified | CC: | caillon, isenfeld, jhorak, security-response-team, stransky, tgl, tpelka | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-07-18 09:33:54 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 791004, 791005, 791006, 791007, 791008, 791016, 791017, 791018, 791019, 791020, 791021, 791022, 791023, 791024, 791025, 791026, 791027, 791183, 791184, 791185, 794518 | ||||||
| Bug Blocks: | 790741 | ||||||
| Attachments: |
|
||||||
|
Description
Huzaifa S. Sidhpurwala
2012-02-15 09:54:35 UTC
Created attachment 562240 [details]
1.9.x patch
Patch for 1.9.x, modified file path and chunks.
*** Bug 791030 has been marked as a duplicate of this bug. *** Created libpng tracking bugs for this issue Affects: fedora-all [bug 791183] Created thunderbird tracking bugs for this issue Affects: fedora-all [bug 791185] Created firefox tracking bugs for this issue Affects: fedora-all [bug 791184] This issue has been addressed in seamonkey in following products: Red Hat Enterprise Linux 4 Via RHSA-2012:0141 https://rhn.redhat.com/errata/RHSA-2012-0141.html This issue has been addressed in firefox in following products: Red Hat Enterprise Linux 4 Via RHSA-2012:0142 https://rhn.redhat.com/errata/RHSA-2012-0142.html This issue has been addressed in thunderbird in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0140 https://rhn.redhat.com/errata/RHSA-2012-0140.html This issue has been addressed in xulrunner in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2012:0143 https://rhn.redhat.com/errata/RHSA-2012-0143.html External References: http://www.mozilla.org/security/announce/2012/mfsa2012-11.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2012:0317 https://rhn.redhat.com/errata/RHSA-2012-0317.html libpng-1.2.46-2.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. libpng-1.2.46-2.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. libpng10-1.0.57-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. libpng10-1.0.57-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. libpng-1.5.8-2.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. libpng10-1.0.57-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. libpng10-1.0.57-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. Commits in chromium and mozilla repositories: http://src.chromium.org/viewvc/chrome?view=rev&revision=121019 http://hg.mozilla.org/releases/mozilla-esr10/rev/cc9013d9ffc1 |