Slackware64-13.0 ChangeLog (2015-12-03)
Thu Dec 3 07:28:30 UTC 2015
Packages
Upgraded
- patches/packages/libpng-1.2.54-x86_64-1_slack13.0.txz
Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
png_set_tIME(), and png_convert_to_rfc1123() functions that allow
attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a small bit-depth value
in an IHDR (aka image header) chunk in a PNG image.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
(* Security fix *)