Red Hat Bugzilla – Bug 135708
CAN-2004-0955 integer arithmetic overflow vulnerability in png_read_png()
Last modified: 2007-11-30 17:07:04 EST
During the upstream update to libpng 1.2.6 and libpng 1.0.16,
additional issues were fixed which were not fix in our update. These
issues appear to lead to a crash from an OOB memory read.
This issue should also affect RHEL2.1
This issue doesn't affect us after all.