Security Advisory Moderate: libpng security update

Advisory: RHSA-2007:0356-2
Type: Security Advisory
Severity: Moderate
Issued on: 2007-05-17
Last updated on: 2007-05-17
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
OVAL: N/A
CVEs (cve.mitre.org): CVE-2006-5793
CVE-2007-2445

Details

Updated libpng packages that fix security issues are now available for Red
Hat Enterprise Linux.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.

A flaw was found in the handling of malformed images in libpng. An attacker
could create a carefully crafted PNG image file in such a way that it could
cause an application linked with libpng to crash when the file was
manipulated. (CVE-2007-2445)

A flaw was found in the sPLT chunk handling code in libpng. An attacker
could create a carefully crafted PNG image file in such a way that it could
cause an application linked with libpng to crash when the file was opened.
(CVE-2006-5793)

Users of libpng should update to these updated packages which contain
backported patches to correct these issues.

Red Hat would like to thank Glenn Randers-Pehrson, Mats Palmgren, and Tavis
Ormandy for supplying details and patches for these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
IA-32:
libpng-devel-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     60f7db7d67d26ce36d6c609b8fa8436a
 
x86_64:
libpng-devel-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     60f7db7d67d26ce36d6c609b8fa8436a
libpng-devel-1.2.10-7.0.2.x86_64.rpm
File outdated by:  RHSA-2007:0992		     bd96dc32b7b7e9ef516a80ad136483d5
 
Red Hat Desktop (v. 3)
SRPMS:
libpng-1.2.2-27.src.rpm
File outdated by:  RHSA-2007:0992		     cc5f647187175be6fab898800f64d891
libpng10-1.0.13-17.src.rpm
File outdated by:  RHSA-2007:0992		     72d453e42aafdf7042370e476ae89a66
 
IA-32:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-devel-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     311f6265a6d4b44a35a5c9220718d211
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-devel-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     15dbc12ea625c53c6af98d0f121f5ebe
 
x86_64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     b072d86d2f42aacb7e5680510a63872d
libpng-devel-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     20714b4a7abd99cc1b538d88f2d7a9dc
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1ecdbe6144cc83053471fe822270d027
libpng10-devel-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     a92c14579420936b43b3990d3cb1f42e
 
Red Hat Desktop (v. 4)
SRPMS:
libpng-1.2.7-3.el4.src.rpm
File outdated by:  RHSA-2007:0992		     8ef67fad14ca5c1f9dce4449b1e191d3
libpng10-1.0.16-3.src.rpm
File outdated by:  RHSA-2007:0992		     f16552850fb887ee8a1a9e3a332d3c63
 
IA-32:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-devel-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     4a4945468b83135d1e5652b70a838304
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-devel-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     2115b79e6f2f01fb21ff2dc856374c1a
 
x86_64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     64795eb8ff4d7fe52f1c0a0d286c4b32
libpng-devel-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1046764762d2e06d727c8a45a375ad86
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     47f6bf747e4bffed5cc59102ad179f2e
libpng10-devel-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     79f777f2e31a98a4806788698db38443
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
libpng-1.2.10-7.0.2.src.rpm
File outdated by:  RHSA-2007:0992		     6847a840a8b5af3c3be05bd2d7fa794d
 
IA-32:
libpng-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     35de4b9feba917c3884ba05fac436e3c
libpng-devel-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     60f7db7d67d26ce36d6c609b8fa8436a
 
IA-64:
libpng-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     35de4b9feba917c3884ba05fac436e3c
libpng-1.2.10-7.0.2.ia64.rpm
File outdated by:  RHSA-2007:0992		     8171b221cea21ca901e9c8e694f5dae8
libpng-devel-1.2.10-7.0.2.ia64.rpm
File outdated by:  RHSA-2007:0992		     cea22cdacb80be44f1bfc985b1b9ba7a
 
PPC:
libpng-1.2.10-7.0.2.ppc.rpm
File outdated by:  RHSA-2007:0992		     d2146b45ce3434b0af869691514df5e9
libpng-1.2.10-7.0.2.ppc64.rpm
File outdated by:  RHSA-2007:0992		     8378061d0c82171486795769ecf9f2df
libpng-devel-1.2.10-7.0.2.ppc.rpm
File outdated by:  RHSA-2007:0992		     f1be6e8c8ff46c9d7a46b3e0342af679
libpng-devel-1.2.10-7.0.2.ppc64.rpm
File outdated by:  RHSA-2007:0992		     7c4885b59ce78db55ee21aaa7c91412b
 
s390x:
libpng-1.2.10-7.0.2.s390.rpm
File outdated by:  RHSA-2007:0992		     acb8893c577fcb4ea3e7a813c4728493
libpng-1.2.10-7.0.2.s390x.rpm
File outdated by:  RHSA-2007:0992		     ae2a395e9b5c1c1fcd0ee51c6a11cd5c
libpng-devel-1.2.10-7.0.2.s390.rpm
File outdated by:  RHSA-2007:0992		     fe2bf8a2c3b7dde353f8c6892afa62ac
libpng-devel-1.2.10-7.0.2.s390x.rpm
File outdated by:  RHSA-2007:0992		     21856a7728dee356068f53b5a032ac5b
 
x86_64:
libpng-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     35de4b9feba917c3884ba05fac436e3c
libpng-1.2.10-7.0.2.x86_64.rpm
File outdated by:  RHSA-2007:0992		     6f9c2dcf576f4244a3f8460b8e687c5b
libpng-devel-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     60f7db7d67d26ce36d6c609b8fa8436a
libpng-devel-1.2.10-7.0.2.x86_64.rpm
File outdated by:  RHSA-2007:0992		     bd96dc32b7b7e9ef516a80ad136483d5
 
Red Hat Enterprise Linux AS (v. 2.1)
SRPMS:
libpng-1.0.14-10.src.rpm
File outdated by:  RHSA-2007:0992		     8f37bb1836ce21e2f622d48e913a8757
 
IA-32:
libpng-1.0.14-10.i386.rpm
File outdated by:  RHSA-2007:0992		     03fa135e7a95d58705f47bebb16d7c4b
libpng-devel-1.0.14-10.i386.rpm
File outdated by:  RHSA-2007:0992		     4cd0bcae95cb1af8573bb84ce6e824e5
 
IA-64:
libpng-1.0.14-10.ia64.rpm
File outdated by:  RHSA-2007:0992		     1efe6683e43c5fc31431c86d1ca084ed
libpng-devel-1.0.14-10.ia64.rpm
File outdated by:  RHSA-2007:0992		     d2da87760c8f52b285fd13d55ac00768
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
libpng-1.2.2-27.src.rpm
File outdated by:  RHSA-2007:0992		     cc5f647187175be6fab898800f64d891
libpng10-1.0.13-17.src.rpm
File outdated by:  RHSA-2007:0992		     72d453e42aafdf7042370e476ae89a66
 
IA-32:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-devel-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     311f6265a6d4b44a35a5c9220718d211
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-devel-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     15dbc12ea625c53c6af98d0f121f5ebe
 
IA-64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.ia64.rpm
File outdated by:  RHSA-2007:0992		     69f61705e012d2b48870502b0d7cadaf
libpng-devel-1.2.2-27.ia64.rpm
File outdated by:  RHSA-2007:0992		     aac473950f6156879ea2f3a4a65ed442
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.ia64.rpm
File outdated by:  RHSA-2007:0992		     06ca30a321bea7147a3eea189a738671
libpng10-devel-1.0.13-17.ia64.rpm
File outdated by:  RHSA-2007:0992		     84d8b739dadb1c6910cc655108e47d05
 
PPC:
libpng-1.2.2-27.ppc.rpm
File outdated by:  RHSA-2007:0992		     4d19507fb3a98e9b4011131a8daad512
libpng-1.2.2-27.ppc64.rpm
File outdated by:  RHSA-2007:0992		     ed37487758ffa50b76d3293e90b751d9
libpng-devel-1.2.2-27.ppc.rpm
File outdated by:  RHSA-2007:0992		     9f4058d2ec0eb06bbe19cd7e2d4cc787
libpng10-1.0.13-17.ppc.rpm
File outdated by:  RHSA-2007:0992		     f07383b79095833521a092d866a58433
libpng10-1.0.13-17.ppc64.rpm
File outdated by:  RHSA-2007:0992		     6cc437306485e060f0e2f50c039ac23d
libpng10-devel-1.0.13-17.ppc.rpm
File outdated by:  RHSA-2007:0992		     048fecebde598609adfd09bebafce5ad
 
s390:
libpng-1.2.2-27.s390.rpm
File outdated by:  RHSA-2007:0992		     07f76cdd991c89be61bce5f09ca6e41c
libpng-devel-1.2.2-27.s390.rpm
File outdated by:  RHSA-2007:0992		     e92277fee6063908e166bdf8f35cb6e5
libpng10-1.0.13-17.s390.rpm
File outdated by:  RHSA-2007:0992		     47098bf97e6c5fd06be6f614595e1efb
libpng10-devel-1.0.13-17.s390.rpm
File outdated by:  RHSA-2007:0992		     63fdfd782a0d0878ff88bb32314cc9c2
 
s390x:
libpng-1.2.2-27.s390.rpm
File outdated by:  RHSA-2007:0992		     07f76cdd991c89be61bce5f09ca6e41c
libpng-1.2.2-27.s390x.rpm
File outdated by:  RHSA-2007:0992		     185dcae13db232006ee9ef4b71705c8b
libpng-devel-1.2.2-27.s390x.rpm
File outdated by:  RHSA-2007:0992		     619c6798b573b6c841e827091be7885a
libpng10-1.0.13-17.s390.rpm
File outdated by:  RHSA-2007:0992		     47098bf97e6c5fd06be6f614595e1efb
libpng10-1.0.13-17.s390x.rpm
File outdated by:  RHSA-2007:0992		     78c1e22dafbd333518032f423d0edbd4
libpng10-devel-1.0.13-17.s390x.rpm
File outdated by:  RHSA-2007:0992		     c0bed5a493d373ee9494973cdb604a32
 
x86_64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     b072d86d2f42aacb7e5680510a63872d
libpng-devel-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     20714b4a7abd99cc1b538d88f2d7a9dc
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1ecdbe6144cc83053471fe822270d027
libpng10-devel-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     a92c14579420936b43b3990d3cb1f42e
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
libpng-1.2.7-3.el4.src.rpm
File outdated by:  RHSA-2007:0992		     8ef67fad14ca5c1f9dce4449b1e191d3
libpng10-1.0.16-3.src.rpm
File outdated by:  RHSA-2007:0992		     f16552850fb887ee8a1a9e3a332d3c63
 
IA-32:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-devel-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     4a4945468b83135d1e5652b70a838304
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-devel-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     2115b79e6f2f01fb21ff2dc856374c1a
 
IA-64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.ia64.rpm
File outdated by:  RHSA-2007:0992		     2051c01b83415587fc810994420f0227
libpng-devel-1.2.7-3.el4.ia64.rpm
File outdated by:  RHSA-2007:0992		     5bbffd4ca84004e74398f8894c588c81
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.ia64.rpm
File outdated by:  RHSA-2007:0992		     c652c1ce02a6a9146be030d915f824c2
libpng10-devel-1.0.16-3.ia64.rpm
File outdated by:  RHSA-2007:0992		     698127bee4d93807fbe1791276b08a14
 
PPC:
libpng-1.2.7-3.el4.ppc.rpm
File outdated by:  RHSA-2007:0992		     ec2dfb54524b6b5a7b752d3b04b7b663
libpng-1.2.7-3.el4.ppc64.rpm
File outdated by:  RHSA-2007:0992		     93c75f39472e84aed6a032856ebe5a7d
libpng-devel-1.2.7-3.el4.ppc.rpm
File outdated by:  RHSA-2007:0992		     946aa208ed75b6b90e3a0b30c1f6b31a
libpng10-1.0.16-3.ppc.rpm
File outdated by:  RHSA-2007:0992		     e70a8b8b57df5f7cace6b16e06e53e34
libpng10-1.0.16-3.ppc64.rpm
File outdated by:  RHSA-2007:0992		     368634778cb2ae8e02aa15ee786080d2
libpng10-devel-1.0.16-3.ppc.rpm
File outdated by:  RHSA-2007:0992		     2f83cd833a90818b45cb5c8a1265a549
 
s390:
libpng-1.2.7-3.el4.s390.rpm
File outdated by:  RHSA-2007:0992		     c26d0d2623dc83d613d0d3da958dc6c0
libpng-devel-1.2.7-3.el4.s390.rpm
File outdated by:  RHSA-2007:0992		     5dec5a031938d2cb0c37c9a5fa703930
libpng10-1.0.16-3.s390.rpm
File outdated by:  RHSA-2007:0992		     12648b96eafa496717bdf47a24d755a5
libpng10-devel-1.0.16-3.s390.rpm
File outdated by:  RHSA-2007:0992		     d160c62f800f36d80a2b4bea1f8ee4c1
 
s390x:
libpng-1.2.7-3.el4.s390.rpm
File outdated by:  RHSA-2007:0992		     c26d0d2623dc83d613d0d3da958dc6c0
libpng-1.2.7-3.el4.s390x.rpm
File outdated by:  RHSA-2007:0992		     f26f1358e2acf40f8c7cfc504861f527
libpng-devel-1.2.7-3.el4.s390x.rpm
File outdated by:  RHSA-2007:0992		     e74c222d0f8008caf5a7f9e8a29a81b8
libpng10-1.0.16-3.s390.rpm
File outdated by:  RHSA-2007:0992		     12648b96eafa496717bdf47a24d755a5
libpng10-1.0.16-3.s390x.rpm
File outdated by:  RHSA-2007:0992		     cd50743d02a2cdc62e8e3de1e4fe9df4
libpng10-devel-1.0.16-3.s390x.rpm
File outdated by:  RHSA-2007:0992		     764f6bc245fef91dd16c3aaef2fd9f95
 
x86_64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     64795eb8ff4d7fe52f1c0a0d286c4b32
libpng-devel-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1046764762d2e06d727c8a45a375ad86
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     47f6bf747e4bffed5cc59102ad179f2e
libpng10-devel-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     79f777f2e31a98a4806788698db38443
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
libpng-1.2.10-7.0.2.src.rpm
File outdated by:  RHSA-2007:0992		     6847a840a8b5af3c3be05bd2d7fa794d
 
IA-32:
libpng-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     35de4b9feba917c3884ba05fac436e3c
 
x86_64:
libpng-1.2.10-7.0.2.i386.rpm
File outdated by:  RHSA-2007:0992		     35de4b9feba917c3884ba05fac436e3c
libpng-1.2.10-7.0.2.x86_64.rpm
File outdated by:  RHSA-2007:0992		     6f9c2dcf576f4244a3f8460b8e687c5b
 
Red Hat Enterprise Linux ES (v. 2.1)
SRPMS:
libpng-1.0.14-10.src.rpm
File outdated by:  RHSA-2007:0992		     8f37bb1836ce21e2f622d48e913a8757
 
IA-32:
libpng-1.0.14-10.i386.rpm
File outdated by:  RHSA-2007:0992		     03fa135e7a95d58705f47bebb16d7c4b
libpng-devel-1.0.14-10.i386.rpm
File outdated by:  RHSA-2007:0992		     4cd0bcae95cb1af8573bb84ce6e824e5
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
libpng-1.2.2-27.src.rpm
File outdated by:  RHSA-2007:0992		     cc5f647187175be6fab898800f64d891
libpng10-1.0.13-17.src.rpm
File outdated by:  RHSA-2007:0992		     72d453e42aafdf7042370e476ae89a66
 
IA-32:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-devel-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     311f6265a6d4b44a35a5c9220718d211
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-devel-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     15dbc12ea625c53c6af98d0f121f5ebe
 
IA-64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.ia64.rpm
File outdated by:  RHSA-2007:0992		     69f61705e012d2b48870502b0d7cadaf
libpng-devel-1.2.2-27.ia64.rpm
File outdated by:  RHSA-2007:0992		     aac473950f6156879ea2f3a4a65ed442
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.ia64.rpm
File outdated by:  RHSA-2007:0992		     06ca30a321bea7147a3eea189a738671
libpng10-devel-1.0.13-17.ia64.rpm
File outdated by:  RHSA-2007:0992		     84d8b739dadb1c6910cc655108e47d05
 
x86_64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     b072d86d2f42aacb7e5680510a63872d
libpng-devel-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     20714b4a7abd99cc1b538d88f2d7a9dc
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1ecdbe6144cc83053471fe822270d027
libpng10-devel-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     a92c14579420936b43b3990d3cb1f42e
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
libpng-1.2.7-3.el4.src.rpm
File outdated by:  RHSA-2007:0992		     8ef67fad14ca5c1f9dce4449b1e191d3
libpng10-1.0.16-3.src.rpm
File outdated by:  RHSA-2007:0992		     f16552850fb887ee8a1a9e3a332d3c63
 
IA-32:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-devel-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     4a4945468b83135d1e5652b70a838304
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-devel-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     2115b79e6f2f01fb21ff2dc856374c1a
 
IA-64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.ia64.rpm
File outdated by:  RHSA-2007:0992		     2051c01b83415587fc810994420f0227
libpng-devel-1.2.7-3.el4.ia64.rpm
File outdated by:  RHSA-2007:0992		     5bbffd4ca84004e74398f8894c588c81
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.ia64.rpm
File outdated by:  RHSA-2007:0992		     c652c1ce02a6a9146be030d915f824c2
libpng10-devel-1.0.16-3.ia64.rpm
File outdated by:  RHSA-2007:0992		     698127bee4d93807fbe1791276b08a14
 
x86_64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     64795eb8ff4d7fe52f1c0a0d286c4b32
libpng-devel-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1046764762d2e06d727c8a45a375ad86
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     47f6bf747e4bffed5cc59102ad179f2e
libpng10-devel-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     79f777f2e31a98a4806788698db38443
 
Red Hat Enterprise Linux WS (v. 2.1)
SRPMS:
libpng-1.0.14-10.src.rpm
File outdated by:  RHSA-2007:0992		     8f37bb1836ce21e2f622d48e913a8757
 
IA-32:
libpng-1.0.14-10.i386.rpm
File outdated by:  RHSA-2007:0992		     03fa135e7a95d58705f47bebb16d7c4b
libpng-devel-1.0.14-10.i386.rpm
File outdated by:  RHSA-2007:0992		     4cd0bcae95cb1af8573bb84ce6e824e5
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
libpng-1.2.2-27.src.rpm
File outdated by:  RHSA-2007:0992		     cc5f647187175be6fab898800f64d891
libpng10-1.0.13-17.src.rpm
File outdated by:  RHSA-2007:0992		     72d453e42aafdf7042370e476ae89a66
 
IA-32:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-devel-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     311f6265a6d4b44a35a5c9220718d211
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-devel-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     15dbc12ea625c53c6af98d0f121f5ebe
 
IA-64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.ia64.rpm
File outdated by:  RHSA-2007:0992		     69f61705e012d2b48870502b0d7cadaf
libpng-devel-1.2.2-27.ia64.rpm
File outdated by:  RHSA-2007:0992		     aac473950f6156879ea2f3a4a65ed442
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.ia64.rpm
File outdated by:  RHSA-2007:0992		     06ca30a321bea7147a3eea189a738671
libpng10-devel-1.0.13-17.ia64.rpm
File outdated by:  RHSA-2007:0992		     84d8b739dadb1c6910cc655108e47d05
 
x86_64:
libpng-1.2.2-27.i386.rpm
File outdated by:  RHSA-2007:0992		     4ed9a2c6b5f09e11aa4d36f12704fc09
libpng-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     b072d86d2f42aacb7e5680510a63872d
libpng-devel-1.2.2-27.x86_64.rpm
File outdated by:  RHSA-2007:0992		     20714b4a7abd99cc1b538d88f2d7a9dc
libpng10-1.0.13-17.i386.rpm
File outdated by:  RHSA-2007:0992		     7a8c105ffd0149410ed817a63b66771d
libpng10-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1ecdbe6144cc83053471fe822270d027
libpng10-devel-1.0.13-17.x86_64.rpm
File outdated by:  RHSA-2007:0992		     a92c14579420936b43b3990d3cb1f42e
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
libpng-1.2.7-3.el4.src.rpm
File outdated by:  RHSA-2007:0992		     8ef67fad14ca5c1f9dce4449b1e191d3
libpng10-1.0.16-3.src.rpm
File outdated by:  RHSA-2007:0992		     f16552850fb887ee8a1a9e3a332d3c63
 
IA-32:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-devel-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     4a4945468b83135d1e5652b70a838304
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-devel-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     2115b79e6f2f01fb21ff2dc856374c1a
 
IA-64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.ia64.rpm
File outdated by:  RHSA-2007:0992		     2051c01b83415587fc810994420f0227
libpng-devel-1.2.7-3.el4.ia64.rpm
File outdated by:  RHSA-2007:0992		     5bbffd4ca84004e74398f8894c588c81
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.ia64.rpm
File outdated by:  RHSA-2007:0992		     c652c1ce02a6a9146be030d915f824c2
libpng10-devel-1.0.16-3.ia64.rpm
File outdated by:  RHSA-2007:0992		     698127bee4d93807fbe1791276b08a14
 
x86_64:
libpng-1.2.7-3.el4.i386.rpm
File outdated by:  RHSA-2007:0992		     2091755092c118169b1c73477f7aca98
libpng-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     64795eb8ff4d7fe52f1c0a0d286c4b32
libpng-devel-1.2.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2007:0992		     1046764762d2e06d727c8a45a375ad86
libpng10-1.0.16-3.i386.rpm
File outdated by:  RHSA-2007:0992		     c5fe38e12bb83cf3e2a6b14d21933f94
libpng10-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     47f6bf747e4bffed5cc59102ad179f2e
libpng10-devel-1.0.16-3.x86_64.rpm
File outdated by:  RHSA-2007:0992		     79f777f2e31a98a4806788698db38443
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SRPMS:
libpng-1.0.14-10.src.rpm
File outdated by:  RHSA-2007:0992		     8f37bb1836ce21e2f622d48e913a8757
 
IA-64:
libpng-1.0.14-10.ia64.rpm
File outdated by:  RHSA-2007:0992		     1efe6683e43c5fc31431c86d1ca084ed
libpng-devel-1.0.14-10.ia64.rpm
File outdated by:  RHSA-2007:0992		     d2da87760c8f52b285fd13d55ac00768
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

215405 - CVE-2006-5793 libpng DoS
239425 - CVE-2007-2445 libpng png_handle_tRNS flaw


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/