A null pointer dereference vulnerability was found in libpng, affecting all versions since 0.71. To be vulnerable, an application has to load a text chunk into the png structure, then delete all text, then add another text chunk to the same png structure. References: http://seclists.org/oss-sec/2016/q4/777 http://www.libpng.org/pub/png/libpng.html
Created libpng tracking bugs for this issue: Affects: fedora-all [bug 1409619]
Created libpng10 tracking bugs for this issue: Affects: fedora-all [bug 1409620] Affects: epel-6 [bug 1409624]
Created libpng12 tracking bugs for this issue: Affects: fedora-all [bug 1409621]
Created libpng15 tracking bugs for this issue: Affects: fedora-all [bug 1409622]
Created mingw-libpng tracking bugs for this issue: Affects: fedora-all [bug 1409623] Affects: epel-7 [bug 1409625]
(In reply to Andrej Nemec from comment #1) > Created libpng tracking bugs for this issue: > > Affects: fedora-all [bug 1409619] It seems this issue is missing a bug for libpng in RHEL 5/6/7 for the "libpng" package. Currently it is only tracked for "libpng10" in EPEL6/7.
(In reply to Robert Buchholz from comment #6) > (In reply to Andrej Nemec from comment #1) > > Created libpng tracking bugs for this issue: > > > > Affects: fedora-all [bug 1409619] > > It seems this issue is missing a bug for libpng in RHEL 5/6/7 for the > "libpng" package. Currently it is only tracked for "libpng10" in EPEL6/7. Hello Robert, this was triaged and classified as a low impact vulnerability and we will not be fixing it in RHEL systems. You may consult the page below for more information: https://access.redhat.com/security/updates/classification
Upstream commit: https://github.com/glennrp/libpng/commit/812768d7a9c973452222d454634496b25ed415eb