Slackware-12.1 ChangeLog (2012-02-22)
Wed Feb 22 18:14:58 UTC 2012
Packages
Upgraded
- patches/packages/libpng-1.2.47-i486-1_slack12.1.tgz
All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57,
respectively, fail to correctly validate a heap allocation in
png_decompress_chunk(), which can lead to a buffer-overrun and the
possibility of execution of hostile code on 32-bit systems.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
(* Security fix *)