Red Hat Bugzilla – Bug 843179
CVE-2011-3464 libpng: One-byte stack buffer overrun in png_formatted_warning
Last modified: 2015-08-19 05:17:16 EDT
The libpng project announced that libpng 1.5.4 through 1.5.7 contain a
one-byte (stack) buffer-overrun bug in png_formatted_warning(), which could
lead to crashes (denial of service) or, conceivably, execution of hostile
code. This vulnerability has been assigned ID CVE-2011-3464 and is fixed in
version 1.5.8, released 1 February 2012.
Created mingw-libpng tracking bugs for this issue
Affects: fedora-17 [bug 843190]
Not vulnerable. This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 4, 5, and 6.