Red Hat Customer Portal

Skip to main content

Security Advisory Moderate: libpng12 security update

Advisory: RHSA-2015:2595-1
Type: Security Advisory
Severity: Moderate
Issued on: 2015-12-09
Last updated on: 2015-12-09
Affected Products: Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux HPC Node EUS (v. 7.2)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Server AUS (v. 7.2)
Red Hat Enterprise Linux Server EUS (v. 7.2)
Red Hat Enterprise Linux Workstation (v. 7)
CVEs (cve.mitre.org): CVE-2015-7981
CVE-2015-8126
CVE-2015-8472

Details

Updated libpng12 packages that fix three security issues are now available
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which
give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The libpng12 packages contain a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.

It was discovered that the png_get_PLTE() and png_set_PLTE() functions of
libpng did not correctly calculate the maximum palette sizes for bit depths
of less than 8. In case an application tried to use these functions in
combination with properly calculated palette sizes, this could lead to a
buffer overflow or out-of-bounds reads. An attacker could exploit this to
cause a crash or potentially execute arbitrary code by tricking an
unsuspecting user into processing a specially crafted PNG image. However,
the exact impact is dependent on the application using the library.
(CVE-2015-8126, CVE-2015-8472)

An array-indexing error was discovered in the png_convert_to_rfc1123()
function of libpng. An attacker could possibly use this flaw to cause an
out-of-bounds read by tricking an unsuspecting user into processing a
specially crafted PNG image. (CVE-2015-7981)

All libpng12 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
Red Hat Enterprise Linux HPC Node EUS (v. 7.2)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm     MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm     MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm     MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm     MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm     MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm     MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
PPC:
libpng12-1.2.50-7.el7_2.ppc.rpm
File outdated by:  RHBA-2016:2504
    MD5: 566446fe312d3bee42904db3a5ca680e
SHA-256: ab38bd2305addfbc74811ecbe7ac3fcc3cab9c576731a9f335d476739528f9a1
libpng12-1.2.50-7.el7_2.ppc64.rpm
File outdated by:  RHBA-2016:2504
    MD5: 6ff4b8da807ef5d6c6d5787e0b5db607
SHA-256: 532b11daa1cb89fe543e8bea9a163cad221089b780415981d86df318b7f24ce7
libpng12-debuginfo-1.2.50-7.el7_2.ppc.rpm
File outdated by:  RHBA-2016:2504
    MD5: 1fed0b3bc45ce115066d3e462e038f4d
SHA-256: aaacb322111c900d6e90416798faef3930b0b25afbdaa500d8fd010b25ffb268
libpng12-debuginfo-1.2.50-7.el7_2.ppc64.rpm
File outdated by:  RHBA-2016:2504
    MD5: 5ca90a10c9065510978d1857201fcd2b
SHA-256: 8a8052fa1641ebe795e8418bf2877d45313f1d7eeb38c90b1e74878102ebf0f0
libpng12-devel-1.2.50-7.el7_2.ppc.rpm
File outdated by:  RHBA-2016:2504
    MD5: 99ead45fe0137e5720b481f0bebecd9e
SHA-256: 042542fc6889a7862bd591824a6160e4a3cd047ea02f5595128b3c414ee17ab0
libpng12-devel-1.2.50-7.el7_2.ppc64.rpm
File outdated by:  RHBA-2016:2504
    MD5: 1709ab85c5145a746e7a370d893bf9a7
SHA-256: ed9ecc06b72cdec53028e96769a53808fb81076e7be82369afcf006e00af217c
 
PPC64LE:
libpng12-1.2.50-7.el7_2.ppc64le.rpm
File outdated by:  RHBA-2016:2504
    MD5: 7800f03b4df5135f69a58ca16e9d71dd
SHA-256: f6d6ab4c21ba3cd1f4c4764e954adf29b43a8c89f2923ff454ea8bb5fd513378
libpng12-debuginfo-1.2.50-7.el7_2.ppc64le.rpm
File outdated by:  RHBA-2016:2504
    MD5: ad3eab5457819a45a730281db92a2255
SHA-256: c3ceb7bb5b87e4252457f0e60a1d334aa0112961c11e913a6a80ed0b5f1c712b
libpng12-devel-1.2.50-7.el7_2.ppc64le.rpm
File outdated by:  RHBA-2016:2504
    MD5: da8370ea53300106fcaf0d7d9388909e
SHA-256: 9781c3f9674ad55ede89d8f180976648e97e1f7f9c197f4a996cdebd936f6725
 
s390x:
libpng12-1.2.50-7.el7_2.s390.rpm
File outdated by:  RHBA-2016:2504
    MD5: bee3aa9cb5c4598b980b7ea79b6a7ea2
SHA-256: bc6e1801525b3225db9751b4084205d3b7e120d6d9bc8ccd304c90dcab453f28
libpng12-1.2.50-7.el7_2.s390x.rpm
File outdated by:  RHBA-2016:2504
    MD5: 54df689b908b8fb0f7ef79fa3c2c8758
SHA-256: 6881bc61a42ddd81a7b252d9833c5d21584fdf2c3dedfd01fc9405e22c39be76
libpng12-debuginfo-1.2.50-7.el7_2.s390.rpm
File outdated by:  RHBA-2016:2504
    MD5: 011364471b69af40c6d63de5ce9c7d16
SHA-256: d32cdbf0ea3ded5795bee1236d681d9d4e11757cb0df11b92d9574e8360d6865
libpng12-debuginfo-1.2.50-7.el7_2.s390x.rpm
File outdated by:  RHBA-2016:2504
    MD5: 69e1a7121d6d214277c5d6f3d31a3800
SHA-256: 99987f97ef0916c8802eaf32fd6fe1d74ff2874dbe3df91fe359aba57a978381
libpng12-devel-1.2.50-7.el7_2.s390.rpm
File outdated by:  RHBA-2016:2504
    MD5: 8d86b8909ca4ec43fef48f222a7af707
SHA-256: 0826eaa4a784543928d2943bc72d6649e775c7e35118ada2257da707bc2a5241
libpng12-devel-1.2.50-7.el7_2.s390x.rpm
File outdated by:  RHBA-2016:2504
    MD5: 9dc162f011ab7c3ba84f3623e892f46b
SHA-256: 756bf77b090a0b67e66b92c35f26dec9e9cb6745b0accff550925ea470a5a3cc
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
Red Hat Enterprise Linux Server AUS (v. 7.2)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm     MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm     MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm     MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm     MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm     MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm     MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
Red Hat Enterprise Linux Server EUS (v. 7.2)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
PPC:
libpng12-1.2.50-7.el7_2.ppc.rpm     MD5: 566446fe312d3bee42904db3a5ca680e
SHA-256: ab38bd2305addfbc74811ecbe7ac3fcc3cab9c576731a9f335d476739528f9a1
libpng12-1.2.50-7.el7_2.ppc64.rpm     MD5: 6ff4b8da807ef5d6c6d5787e0b5db607
SHA-256: 532b11daa1cb89fe543e8bea9a163cad221089b780415981d86df318b7f24ce7
libpng12-debuginfo-1.2.50-7.el7_2.ppc.rpm     MD5: 1fed0b3bc45ce115066d3e462e038f4d
SHA-256: aaacb322111c900d6e90416798faef3930b0b25afbdaa500d8fd010b25ffb268
libpng12-debuginfo-1.2.50-7.el7_2.ppc64.rpm     MD5: 5ca90a10c9065510978d1857201fcd2b
SHA-256: 8a8052fa1641ebe795e8418bf2877d45313f1d7eeb38c90b1e74878102ebf0f0
libpng12-devel-1.2.50-7.el7_2.ppc.rpm     MD5: 99ead45fe0137e5720b481f0bebecd9e
SHA-256: 042542fc6889a7862bd591824a6160e4a3cd047ea02f5595128b3c414ee17ab0
libpng12-devel-1.2.50-7.el7_2.ppc64.rpm     MD5: 1709ab85c5145a746e7a370d893bf9a7
SHA-256: ed9ecc06b72cdec53028e96769a53808fb81076e7be82369afcf006e00af217c
 
PPC64LE:
libpng12-1.2.50-7.el7_2.ppc64le.rpm     MD5: 7800f03b4df5135f69a58ca16e9d71dd
SHA-256: f6d6ab4c21ba3cd1f4c4764e954adf29b43a8c89f2923ff454ea8bb5fd513378
libpng12-debuginfo-1.2.50-7.el7_2.ppc64le.rpm     MD5: ad3eab5457819a45a730281db92a2255
SHA-256: c3ceb7bb5b87e4252457f0e60a1d334aa0112961c11e913a6a80ed0b5f1c712b
libpng12-devel-1.2.50-7.el7_2.ppc64le.rpm     MD5: da8370ea53300106fcaf0d7d9388909e
SHA-256: 9781c3f9674ad55ede89d8f180976648e97e1f7f9c197f4a996cdebd936f6725
 
s390x:
libpng12-1.2.50-7.el7_2.s390.rpm     MD5: bee3aa9cb5c4598b980b7ea79b6a7ea2
SHA-256: bc6e1801525b3225db9751b4084205d3b7e120d6d9bc8ccd304c90dcab453f28
libpng12-1.2.50-7.el7_2.s390x.rpm     MD5: 54df689b908b8fb0f7ef79fa3c2c8758
SHA-256: 6881bc61a42ddd81a7b252d9833c5d21584fdf2c3dedfd01fc9405e22c39be76
libpng12-debuginfo-1.2.50-7.el7_2.s390.rpm     MD5: 011364471b69af40c6d63de5ce9c7d16
SHA-256: d32cdbf0ea3ded5795bee1236d681d9d4e11757cb0df11b92d9574e8360d6865
libpng12-debuginfo-1.2.50-7.el7_2.s390x.rpm     MD5: 69e1a7121d6d214277c5d6f3d31a3800
SHA-256: 99987f97ef0916c8802eaf32fd6fe1d74ff2874dbe3df91fe359aba57a978381
libpng12-devel-1.2.50-7.el7_2.s390.rpm     MD5: 8d86b8909ca4ec43fef48f222a7af707
SHA-256: 0826eaa4a784543928d2943bc72d6649e775c7e35118ada2257da707bc2a5241
libpng12-devel-1.2.50-7.el7_2.s390x.rpm     MD5: 9dc162f011ab7c3ba84f3623e892f46b
SHA-256: 756bf77b090a0b67e66b92c35f26dec9e9cb6745b0accff550925ea470a5a3cc
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm     MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm     MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm     MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm     MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm     MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm     MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
libpng12-1.2.50-7.el7_2.src.rpm
File outdated by:  RHBA-2016:2504
    MD5: b1a4a885f3fb53021eaa85a718d86f21
SHA-256: 85570c1225877493d0aba7891e598f5c6527767a4dacecf82f7a2a8667d6710f
 
x86_64:
libpng12-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: 96f74f780f6c61d8c13b865def2ba41e
SHA-256: 064cd23c36ffb6d7956dddce89d7f09413ac4559cd847166456e25bea21b589f
libpng12-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f08d901533e52de97e48d0f00d03e862
SHA-256: f7fee355d9f93c85da9da68f75ba675f912f028c762573be94ce5e96f6520512
libpng12-debuginfo-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: abbc95aba284260563e1bc4e2bad815d
SHA-256: 3402135a9da591e43b86323eac4a1460eaa497332a8f1260b084d5cd88cb2248
libpng12-debuginfo-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: b5d08e05cd95abae93f0c259b9c92310
SHA-256: 5bb8f3df17df0fe583c410ebe7d2000032ef417393652f318b7006c62a36d327
libpng12-devel-1.2.50-7.el7_2.i686.rpm
File outdated by:  RHBA-2016:2504
    MD5: a83da9ced2ff4e58c024cdcc663c1dad
SHA-256: ee1f01e73810128d81d6a23eacadab9c674089232adacd83cf9c7a49821c3f34
libpng12-devel-1.2.50-7.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2504
    MD5: f5c1eead3d23852fd4173c6883768bd5
SHA-256: 16915200bc75a87744780e3105a84d2655817981f0f8a95923548975b5217418
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123
1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/