libpng version up to and including 1.2.5 have a couple of secuirty holes. Here are some CVE names > 1) Remotely exploitable stack-based buffer overrun in png_handle_tRNS > (pngrutil.c) > 2) Dangerous code in png_handle_sBIT (pngrutil.c) (Similar code in > png_handle_hIST). CAN-2004-0597 for these (we merge issues that have the same flaw type that get fixed in the same versions). > 3) Possible NULL-pointer crash in png_handle_iCCP (pngrutil.c) (this > flaw is duplicated in multiple other locations). CAN-2004-0598 for those > 4) Theoretical integer overflow in allocation in png_handle_sPLT > (pngrutil.c) > 5) Integer overflow in png_read_png (pngread.c) > 6) Integer overflows during progressive reading. > 7) Other flaws. [integer overflows] CAN-2004-0599 for those This issue affects FC1, FC2 and FC3 test1. RHEL is handled by bug 127869
Aug 04 1200UTC - removing embargo
http://www.redhat.com/archives/fedora-announce-list/2004-August/msg00006.html http://www.redhat.com/archives/fedora-announce-list/2004-August/msg00005.html http://www.redhat.com/archives/fedora-announce-list/2004-August/msg00004.html http://www.redhat.com/archives/fedora-announce-list/2004-August/msg00003.html