http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5793 "The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read." Appears to be fixed in 1.0.21.
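The bug class named in the CVE description above, shown as an added example (not libpng's code and not part of the original report): a copy length computed with `sizeof` of the wrong type reads past the source array. The `palette` and `pal_entry` types and all function names are hypothetical stand-ins, and which type was wrongly used here is an assumption made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for a palette and its entries; not libpng's types. */
typedef struct { uint16_t red, green, blue, alpha, frequency; } pal_entry;
typedef struct { char *name; uint8_t depth; pal_entry *entries; int32_t nentries; } palette;

/* Flawed pattern: element count multiplied by the size of the container type. */
size_t copy_len_wrong(const palette *p) { return (size_t)p->nentries * sizeof(palette); }

/* Correct: the size is taken from the pointee of the array actually copied. */
size_t copy_len_right(const palette *p) { return (size_t)p->nentries * sizeof *p->entries; }

/* Bytes the flawed length would read beyond the end of the source array. */
size_t overread(const palette *p) {
    size_t have = copy_len_right(p), want = copy_len_wrong(p);
    return want > have ? want - have : 0;
}

/* Hardened copy: validate the count, check the multiplication for overflow,
   and size both the allocation and the memcpy from the same expression. */
int copy_entries(palette *dst, const palette *src) {
    dst->entries = NULL;
    dst->nentries = 0;
    if (src->nentries < 0 || (src->nentries > 0 && src->entries == NULL)) return -1;
    size_t n = (size_t)src->nentries;
    if (n > SIZE_MAX / sizeof *src->entries) return -1;
    if (n == 0) return 0;
    pal_entry *e = malloc(n * sizeof *e);
    if (e == NULL) return -1;
    memcpy(e, src->entries, n * sizeof *e);
    dst->entries = e;
    dst->nentries = src->nentries;
    return 0;
}
```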
I have 1.0.21 packages prepared, but can't import and build yet due to the cvs outage. If anyone would like a preview, I have packages here: http://www.city-fan.org/~paul/extras/libpng10/ (no ppc packages as I don't have a ppc builder). Note that libpng10 is a Core package for all releases prior to FC6 (and presumably RHEL too), so separate bugs will need raising for those releases. http://www.fedoraproject.org/wiki/Extras/Schedule/SecurityAnnoucements has disappeared from the wiki, so is there a document somewhere stating how to prepare and send out a security announcement?
1.0.21-1 has built successfully for Rawhide and FC6, and should be released later today. A fix is still needed for FC5 and earlier releases of course.
FC report is in bug 216706, and today's FE push is in progress.
Looks like this has been fixed for a while now.