Security Advisory Moderate: libpng security update

Advisory: RHSA-2009:0333-7
Type: Security Advisory
Severity: Moderate
Issued on: 2009-03-04
Last updated on: 2009-03-04
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
OVAL: com.redhat.rhsa-20090333.xml
CVEs (cve.mitre.org): CVE-2008-1382
CVE-2009-0040

Details

Updated libpng and libpng10 packages that fix a couple of security issues
are now available for Red Hat Enterprise Linux 2.1, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The libpng packages contain a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.

A flaw was discovered in libpng that could result in libpng trying to
free() random memory if certain, unlikely error conditions occurred. If a
carefully-crafted PNG file was loaded by an application linked against
libpng, it could cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running the application.
(CVE-2009-0040)

A flaw was discovered in the way libpng handled PNG images containing
"unknown" chunks. If an application linked against libpng attempted to
process a malformed, unknown chunk in a malicious PNG image, it could cause
the application to crash. (CVE-2008-1382)

Users of libpng and libpng10 should upgrade to these updated packages,
which contain backported patches to correct these issues. All running
applications using libpng or libpng10 must be restarted for the update to
take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
libpng-1.2.10-7.1.el5_3.2.src.rpm     779086624d612f5709463504273a175f
 
IA-32:
libpng-devel-1.2.10-7.1.el5_3.2.i386.rpm     8671783bf917c75bca0b57c863c26ce1
 
x86_64:
libpng-devel-1.2.10-7.1.el5_3.2.i386.rpm     8671783bf917c75bca0b57c863c26ce1
libpng-devel-1.2.10-7.1.el5_3.2.x86_64.rpm     cafa1bbbb352adbd02a9a192622c1b21
 
Red Hat Desktop (v. 4)
SRPMS:
libpng-1.2.7-3.el4_7.2.src.rpm     a5e865daa5b5a09dda69b6caf79714dc
libpng10-1.0.16-3.el4_7.3.src.rpm     77c5fb8607b0b58ba8eabd4ac6bb1cc1
 
IA-32:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-devel-1.2.7-3.el4_7.2.i386.rpm     7eebdb85cc9e1630db4d8fd41127343c
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-devel-1.0.16-3.el4_7.3.i386.rpm     8c1e487c9a7c90ef939af26c5a01042a
 
x86_64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.x86_64.rpm     44be00bc67080f72b031868c62bbe80b
libpng-devel-1.2.7-3.el4_7.2.x86_64.rpm     efb96c4820f61fcb381e71fa0b9fcc04
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.x86_64.rpm     47c42229cf00131b731f495c115a9a2c
libpng10-devel-1.0.16-3.el4_7.3.x86_64.rpm     e0a5ec95f50a37620610a3634ba00bb0
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
libpng-1.2.10-7.1.el5_3.2.src.rpm     779086624d612f5709463504273a175f
 
IA-32:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-devel-1.2.10-7.1.el5_3.2.i386.rpm     8671783bf917c75bca0b57c863c26ce1
 
IA-64:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-1.2.10-7.1.el5_3.2.ia64.rpm     52eb50a005af339ee5756844f9425d8e
libpng-devel-1.2.10-7.1.el5_3.2.ia64.rpm     e72d07765f7080232739f94689548d09
 
PPC:
libpng-1.2.10-7.1.el5_3.2.ppc.rpm     29932902ce80a2e42c96015dfadb4f4e
libpng-1.2.10-7.1.el5_3.2.ppc64.rpm     0c05931fbb9939bc3e960f8fe8edc5b8
libpng-devel-1.2.10-7.1.el5_3.2.ppc.rpm     b653301ee0fc1a845b4b65bb3101c0d1
libpng-devel-1.2.10-7.1.el5_3.2.ppc64.rpm     352051b60e74daea5248e15fbc28b188
 
s390x:
libpng-1.2.10-7.1.el5_3.2.s390.rpm     3bf107b2bcc3d402f2739a99f5a09236
libpng-1.2.10-7.1.el5_3.2.s390x.rpm     973d8bce0ac4ed6ecc8e9155f357ea91
libpng-devel-1.2.10-7.1.el5_3.2.s390.rpm     c9551bc7214b7cce1e3c55348033f1cc
libpng-devel-1.2.10-7.1.el5_3.2.s390x.rpm     cbd073e7f227d13d8526204acf42b1a5
 
x86_64:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-1.2.10-7.1.el5_3.2.x86_64.rpm     85d379b2bb9878486b91d7ec0080fb9a
libpng-devel-1.2.10-7.1.el5_3.2.i386.rpm     8671783bf917c75bca0b57c863c26ce1
libpng-devel-1.2.10-7.1.el5_3.2.x86_64.rpm     cafa1bbbb352adbd02a9a192622c1b21
 
Red Hat Enterprise Linux AS (v. 2.1)
SRPMS:
libpng-1.0.14-12.src.rpm     9fe9739d09eb19d490af15d30593ac14
 
IA-32:
libpng-1.0.14-12.i386.rpm     bf765eb7c857d8ba343bcaa582cfc21f
libpng-devel-1.0.14-12.i386.rpm     61c49f82b89767d8a3a08d0454297a8a
 
IA-64:
libpng-1.0.14-12.ia64.rpm     14bdfcf6ca1fc99be6e191dc0bd5267e
libpng-devel-1.0.14-12.ia64.rpm     109704c20a0c4db3209894a7f50eb8c5
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
libpng-1.2.7-3.el4_7.2.src.rpm     a5e865daa5b5a09dda69b6caf79714dc
libpng10-1.0.16-3.el4_7.3.src.rpm     77c5fb8607b0b58ba8eabd4ac6bb1cc1
 
IA-32:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-devel-1.2.7-3.el4_7.2.i386.rpm     7eebdb85cc9e1630db4d8fd41127343c
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-devel-1.0.16-3.el4_7.3.i386.rpm     8c1e487c9a7c90ef939af26c5a01042a
 
IA-64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.ia64.rpm     9cdbfc6f5ff563b42c42ac7ca660501f
libpng-devel-1.2.7-3.el4_7.2.ia64.rpm     db24af887d80bc8b089fbc1a475a5d9f
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.ia64.rpm     dc9a8854458dbbd8f7eb84210a23e67b
libpng10-devel-1.0.16-3.el4_7.3.ia64.rpm     b6ee5cbc07383b216e8153ddc1d46fb8
 
PPC:
libpng-1.2.7-3.el4_7.2.ppc.rpm     bcc4d950a5406ab7c691031b4a686055
libpng-1.2.7-3.el4_7.2.ppc64.rpm     cad47fc7406921ea94685d98bbc95809
libpng-devel-1.2.7-3.el4_7.2.ppc.rpm     8d3597f37f01f075850b10c3ce61791b
libpng10-1.0.16-3.el4_7.3.ppc.rpm     41aee1120a26883fbf07272178831c49
libpng10-1.0.16-3.el4_7.3.ppc64.rpm     b4cb98646e9bc1a1fdb5e9b94b17459f
libpng10-devel-1.0.16-3.el4_7.3.ppc.rpm     fd5fff3fee1281916a7130d4e589588d
 
s390:
libpng-1.2.7-3.el4_7.2.s390.rpm     906c16aaeb638810ea074dbdce6623f9
libpng-devel-1.2.7-3.el4_7.2.s390.rpm     9e702af07ed7dc079f9c72ca5bc62ac2
libpng10-1.0.16-3.el4_7.3.s390.rpm     772345de3a03e1633bde68f8c30c786b
libpng10-devel-1.0.16-3.el4_7.3.s390.rpm     bd6ece2289b23a5dda73777af1c55736
 
s390x:
libpng-1.2.7-3.el4_7.2.s390.rpm     906c16aaeb638810ea074dbdce6623f9
libpng-1.2.7-3.el4_7.2.s390x.rpm     15a6703c4a7b0c5ee51251a11615f0be
libpng-devel-1.2.7-3.el4_7.2.s390x.rpm     fe50555ccc8d6f1cee23482976900673
libpng10-1.0.16-3.el4_7.3.s390.rpm     772345de3a03e1633bde68f8c30c786b
libpng10-1.0.16-3.el4_7.3.s390x.rpm     9e2328184fbba62388975fd0d3c7d021
libpng10-devel-1.0.16-3.el4_7.3.s390x.rpm     5369128616d85a8613482d5817afbc03
 
x86_64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.x86_64.rpm     44be00bc67080f72b031868c62bbe80b
libpng-devel-1.2.7-3.el4_7.2.x86_64.rpm     efb96c4820f61fcb381e71fa0b9fcc04
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.x86_64.rpm     47c42229cf00131b731f495c115a9a2c
libpng10-devel-1.0.16-3.el4_7.3.x86_64.rpm     e0a5ec95f50a37620610a3634ba00bb0
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
libpng-1.2.7-3.el4_7.2.src.rpm     a5e865daa5b5a09dda69b6caf79714dc
libpng10-1.0.16-3.el4_7.3.src.rpm     77c5fb8607b0b58ba8eabd4ac6bb1cc1
 
IA-32:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-devel-1.2.7-3.el4_7.2.i386.rpm     7eebdb85cc9e1630db4d8fd41127343c
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-devel-1.0.16-3.el4_7.3.i386.rpm     8c1e487c9a7c90ef939af26c5a01042a
 
IA-64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.ia64.rpm     9cdbfc6f5ff563b42c42ac7ca660501f
libpng-devel-1.2.7-3.el4_7.2.ia64.rpm     db24af887d80bc8b089fbc1a475a5d9f
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.ia64.rpm     dc9a8854458dbbd8f7eb84210a23e67b
libpng10-devel-1.0.16-3.el4_7.3.ia64.rpm     b6ee5cbc07383b216e8153ddc1d46fb8
 
PPC:
libpng-1.2.7-3.el4_7.2.ppc.rpm     bcc4d950a5406ab7c691031b4a686055
libpng-1.2.7-3.el4_7.2.ppc64.rpm     cad47fc7406921ea94685d98bbc95809
libpng-devel-1.2.7-3.el4_7.2.ppc.rpm     8d3597f37f01f075850b10c3ce61791b
libpng10-1.0.16-3.el4_7.3.ppc.rpm     41aee1120a26883fbf07272178831c49
libpng10-1.0.16-3.el4_7.3.ppc64.rpm     b4cb98646e9bc1a1fdb5e9b94b17459f
libpng10-devel-1.0.16-3.el4_7.3.ppc.rpm     fd5fff3fee1281916a7130d4e589588d
 
s390:
libpng-1.2.7-3.el4_7.2.s390.rpm     906c16aaeb638810ea074dbdce6623f9
libpng-devel-1.2.7-3.el4_7.2.s390.rpm     9e702af07ed7dc079f9c72ca5bc62ac2
libpng10-1.0.16-3.el4_7.3.s390.rpm     772345de3a03e1633bde68f8c30c786b
libpng10-devel-1.0.16-3.el4_7.3.s390.rpm     bd6ece2289b23a5dda73777af1c55736
 
s390x:
libpng-1.2.7-3.el4_7.2.s390.rpm     906c16aaeb638810ea074dbdce6623f9
libpng-1.2.7-3.el4_7.2.s390x.rpm     15a6703c4a7b0c5ee51251a11615f0be
libpng-devel-1.2.7-3.el4_7.2.s390x.rpm     fe50555ccc8d6f1cee23482976900673
libpng10-1.0.16-3.el4_7.3.s390.rpm     772345de3a03e1633bde68f8c30c786b
libpng10-1.0.16-3.el4_7.3.s390x.rpm     9e2328184fbba62388975fd0d3c7d021
libpng10-devel-1.0.16-3.el4_7.3.s390x.rpm     5369128616d85a8613482d5817afbc03
 
x86_64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.x86_64.rpm     44be00bc67080f72b031868c62bbe80b
libpng-devel-1.2.7-3.el4_7.2.x86_64.rpm     efb96c4820f61fcb381e71fa0b9fcc04
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.x86_64.rpm     47c42229cf00131b731f495c115a9a2c
libpng10-devel-1.0.16-3.el4_7.3.x86_64.rpm     e0a5ec95f50a37620610a3634ba00bb0
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
libpng-1.2.10-7.1.el5_3.2.src.rpm     779086624d612f5709463504273a175f
 
IA-32:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
 
x86_64:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-1.2.10-7.1.el5_3.2.x86_64.rpm     85d379b2bb9878486b91d7ec0080fb9a
 
Red Hat Enterprise Linux ES (v. 2.1)
SRPMS:
libpng-1.0.14-12.src.rpm     9fe9739d09eb19d490af15d30593ac14
 
IA-32:
libpng-1.0.14-12.i386.rpm     bf765eb7c857d8ba343bcaa582cfc21f
libpng-devel-1.0.14-12.i386.rpm     61c49f82b89767d8a3a08d0454297a8a
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
libpng-1.2.7-3.el4_7.2.src.rpm     a5e865daa5b5a09dda69b6caf79714dc
libpng10-1.0.16-3.el4_7.3.src.rpm     77c5fb8607b0b58ba8eabd4ac6bb1cc1
 
IA-32:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-devel-1.2.7-3.el4_7.2.i386.rpm     7eebdb85cc9e1630db4d8fd41127343c
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-devel-1.0.16-3.el4_7.3.i386.rpm     8c1e487c9a7c90ef939af26c5a01042a
 
IA-64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.ia64.rpm     9cdbfc6f5ff563b42c42ac7ca660501f
libpng-devel-1.2.7-3.el4_7.2.ia64.rpm     db24af887d80bc8b089fbc1a475a5d9f
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.ia64.rpm     dc9a8854458dbbd8f7eb84210a23e67b
libpng10-devel-1.0.16-3.el4_7.3.ia64.rpm     b6ee5cbc07383b216e8153ddc1d46fb8
 
x86_64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.x86_64.rpm     44be00bc67080f72b031868c62bbe80b
libpng-devel-1.2.7-3.el4_7.2.x86_64.rpm     efb96c4820f61fcb381e71fa0b9fcc04
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.x86_64.rpm     47c42229cf00131b731f495c115a9a2c
libpng10-devel-1.0.16-3.el4_7.3.x86_64.rpm     e0a5ec95f50a37620610a3634ba00bb0
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
libpng-1.2.7-3.el4_7.2.src.rpm     a5e865daa5b5a09dda69b6caf79714dc
libpng10-1.0.16-3.el4_7.3.src.rpm     77c5fb8607b0b58ba8eabd4ac6bb1cc1
 
IA-32:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-devel-1.2.7-3.el4_7.2.i386.rpm     7eebdb85cc9e1630db4d8fd41127343c
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-devel-1.0.16-3.el4_7.3.i386.rpm     8c1e487c9a7c90ef939af26c5a01042a
 
IA-64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.ia64.rpm     9cdbfc6f5ff563b42c42ac7ca660501f
libpng-devel-1.2.7-3.el4_7.2.ia64.rpm     db24af887d80bc8b089fbc1a475a5d9f
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.ia64.rpm     dc9a8854458dbbd8f7eb84210a23e67b
libpng10-devel-1.0.16-3.el4_7.3.ia64.rpm     b6ee5cbc07383b216e8153ddc1d46fb8
 
x86_64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.x86_64.rpm     44be00bc67080f72b031868c62bbe80b
libpng-devel-1.2.7-3.el4_7.2.x86_64.rpm     efb96c4820f61fcb381e71fa0b9fcc04
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.x86_64.rpm     47c42229cf00131b731f495c115a9a2c
libpng10-devel-1.0.16-3.el4_7.3.x86_64.rpm     e0a5ec95f50a37620610a3634ba00bb0
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)
SRPMS:
libpng-1.2.10-7.1.el5_3.2.src.rpm     779086624d612f5709463504273a175f
 
IA-32:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-devel-1.2.10-7.1.el5_3.2.i386.rpm     8671783bf917c75bca0b57c863c26ce1
 
IA-64:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-1.2.10-7.1.el5_3.2.ia64.rpm     52eb50a005af339ee5756844f9425d8e
libpng-devel-1.2.10-7.1.el5_3.2.ia64.rpm     e72d07765f7080232739f94689548d09
 
PPC:
libpng-1.2.10-7.1.el5_3.2.ppc.rpm     29932902ce80a2e42c96015dfadb4f4e
libpng-1.2.10-7.1.el5_3.2.ppc64.rpm     0c05931fbb9939bc3e960f8fe8edc5b8
libpng-devel-1.2.10-7.1.el5_3.2.ppc.rpm     b653301ee0fc1a845b4b65bb3101c0d1
libpng-devel-1.2.10-7.1.el5_3.2.ppc64.rpm     352051b60e74daea5248e15fbc28b188
 
s390x:
libpng-1.2.10-7.1.el5_3.2.s390.rpm     3bf107b2bcc3d402f2739a99f5a09236
libpng-1.2.10-7.1.el5_3.2.s390x.rpm     973d8bce0ac4ed6ecc8e9155f357ea91
libpng-devel-1.2.10-7.1.el5_3.2.s390.rpm     c9551bc7214b7cce1e3c55348033f1cc
libpng-devel-1.2.10-7.1.el5_3.2.s390x.rpm     cbd073e7f227d13d8526204acf42b1a5
 
x86_64:
libpng-1.2.10-7.1.el5_3.2.i386.rpm     8f786ff83f610b8507b22ba002c41f35
libpng-1.2.10-7.1.el5_3.2.x86_64.rpm     85d379b2bb9878486b91d7ec0080fb9a
libpng-devel-1.2.10-7.1.el5_3.2.i386.rpm     8671783bf917c75bca0b57c863c26ce1
libpng-devel-1.2.10-7.1.el5_3.2.x86_64.rpm     cafa1bbbb352adbd02a9a192622c1b21
 
Red Hat Enterprise Linux WS (v. 2.1)
SRPMS:
libpng-1.0.14-12.src.rpm     9fe9739d09eb19d490af15d30593ac14
 
IA-32:
libpng-1.0.14-12.i386.rpm     bf765eb7c857d8ba343bcaa582cfc21f
libpng-devel-1.0.14-12.i386.rpm     61c49f82b89767d8a3a08d0454297a8a
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
libpng-1.2.7-3.el4_7.2.src.rpm     a5e865daa5b5a09dda69b6caf79714dc
libpng10-1.0.16-3.el4_7.3.src.rpm     77c5fb8607b0b58ba8eabd4ac6bb1cc1
 
IA-32:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-devel-1.2.7-3.el4_7.2.i386.rpm     7eebdb85cc9e1630db4d8fd41127343c
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-devel-1.0.16-3.el4_7.3.i386.rpm     8c1e487c9a7c90ef939af26c5a01042a
 
IA-64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.ia64.rpm     9cdbfc6f5ff563b42c42ac7ca660501f
libpng-devel-1.2.7-3.el4_7.2.ia64.rpm     db24af887d80bc8b089fbc1a475a5d9f
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.ia64.rpm     dc9a8854458dbbd8f7eb84210a23e67b
libpng10-devel-1.0.16-3.el4_7.3.ia64.rpm     b6ee5cbc07383b216e8153ddc1d46fb8
 
x86_64:
libpng-1.2.7-3.el4_7.2.i386.rpm     8dc1ea312432982a9c726742dcd71a09
libpng-1.2.7-3.el4_7.2.x86_64.rpm     44be00bc67080f72b031868c62bbe80b
libpng-devel-1.2.7-3.el4_7.2.x86_64.rpm     efb96c4820f61fcb381e71fa0b9fcc04
libpng10-1.0.16-3.el4_7.3.i386.rpm     d36532341390aae868943cbc40d06c94
libpng10-1.0.16-3.el4_7.3.x86_64.rpm     47c42229cf00131b731f495c115a9a2c
libpng10-devel-1.0.16-3.el4_7.3.x86_64.rpm     e0a5ec95f50a37620610a3634ba00bb0
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SRPMS:
libpng-1.0.14-12.src.rpm     9fe9739d09eb19d490af15d30593ac14
 
IA-64:
libpng-1.0.14-12.ia64.rpm     14bdfcf6ca1fc99be6e191dc0bd5267e
libpng-devel-1.0.14-12.ia64.rpm     109704c20a0c4db3209894a7f50eb8c5
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

441839 - CVE-2008-1382 libpng unknown chunk handling flaw
486355 - CVE-2009-0040 libpng arbitrary free() flaw


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/