Red Hat Bugzilla – Bug 445487
libpng a subject to CVE-2008-1382 advisory
Last modified: 2013-07-02 23:18:17 EDT
Description of problem:
Quote: "Tavis Ormandy advised us of a bug in libpng in its handling
of unknown chunks with zero data length. We have examined the report
and find that the bug exists in all libpng versions since 1.0.6".
An advisory notes that various versions of ImageMagick are
affected by the bug. A version 1.2.28 with a fix was released.
Version-Release number of selected component (if applicable):
libpng-1.2.22-1.fc8 (but this is clearly not limited to F8)
yeah, we've heard of it ... doesn't appear significant enough to mandate a security exercise.
*** This bug has been marked as a duplicate of 441839 ***