Skip to navigation

Security Advisory Moderate: libpng security update

Advisory: RHSA-2011:1105-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-07-28
Last updated on: 2011-07-28
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.1.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-2501
CVE-2011-2690
CVE-2011-2692

Details

Updated libpng packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The libpng packages contain a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.

A buffer overflow flaw was found in the way libpng processed certain PNG
image files. An attacker could create a specially-crafted PNG image that,
when opened, could cause an application using libpng to crash or,
potentially, execute arbitrary code with the privileges of the user running
the application. (CVE-2011-2690)

Note: The application behavior required to exploit CVE-2011-2690 is rarely
used. No application shipped with Red Hat Enterprise Linux behaves this
way, for example.

An out-of-bounds memory read flaw was found in the way libpng processed
certain PNG image files. An attacker could create a specially-crafted PNG
image that, when opened, could cause an application using libpng to crash.
(CVE-2011-2501)

An uninitialized memory read issue was found in the way libpng processed
certain PNG images that use the Physical Scale (sCAL) extension. An
attacker could create a specially-crafted PNG image that, when opened,
could cause an application using libpng to crash. (CVE-2011-2692)

Users of libpng should upgrade to these updated packages, which upgrade
libpng to version 1.2.46 to correct these issues. All running applications
using libpng must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libpng-1.2.46-1.el6_1.src.rpm
File outdated by:  RHSA-2012:0523
    MD5: cb5bd52cb76e0d4b2d53612957a82b18
SHA-256: 0bbf5fcdb7d19b8056b6176bc7a7038973ef2e64487b193af2170d1a2b301f06
 
IA-32:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-static-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 11d018340d57cd29e44b60dca4c66dc9
SHA-256: 0b8dfb8b4c67a5cb5484c41780e757426ee09d3982e1c6e43202be803c5edcf2
 
x86_64:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4f05e9fdaa45f93073d73009b14d4e41
SHA-256: 976dde3fd25037afd5dc7e9d61dd1ae11c9025196e1753bbb7b0a7adc6c7bc05
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-debuginfo-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 16b8d55943ff4b91ef42ca02184a4b3f
SHA-256: 0bf527f3d48079a90e6c99b2351807bc17c9f80517497b089261237247d3b2c0
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-devel-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 76f364aa456a1e9091186fd59307fc4c
SHA-256: e5d3875937c6e0a4729107b22dba2eebc5c43b052fedd93f2331da6f95b24deb
libpng-static-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 10f79b875738f1ef809460d9601ed477
SHA-256: fd4770765c638172fc65b9cc1a201e40b042bd49ccc3139bb133524a94e6faa4
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libpng-1.2.46-1.el6_1.src.rpm
File outdated by:  RHSA-2012:0523
    MD5: cb5bd52cb76e0d4b2d53612957a82b18
SHA-256: 0bbf5fcdb7d19b8056b6176bc7a7038973ef2e64487b193af2170d1a2b301f06
 
x86_64:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4f05e9fdaa45f93073d73009b14d4e41
SHA-256: 976dde3fd25037afd5dc7e9d61dd1ae11c9025196e1753bbb7b0a7adc6c7bc05
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-debuginfo-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 16b8d55943ff4b91ef42ca02184a4b3f
SHA-256: 0bf527f3d48079a90e6c99b2351807bc17c9f80517497b089261237247d3b2c0
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-devel-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 76f364aa456a1e9091186fd59307fc4c
SHA-256: e5d3875937c6e0a4729107b22dba2eebc5c43b052fedd93f2331da6f95b24deb
libpng-static-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 10f79b875738f1ef809460d9601ed477
SHA-256: fd4770765c638172fc65b9cc1a201e40b042bd49ccc3139bb133524a94e6faa4
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libpng-1.2.46-1.el6_1.src.rpm
File outdated by:  RHSA-2012:0523
    MD5: cb5bd52cb76e0d4b2d53612957a82b18
SHA-256: 0bbf5fcdb7d19b8056b6176bc7a7038973ef2e64487b193af2170d1a2b301f06
 
IA-32:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-static-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 11d018340d57cd29e44b60dca4c66dc9
SHA-256: 0b8dfb8b4c67a5cb5484c41780e757426ee09d3982e1c6e43202be803c5edcf2
 
PPC:
libpng-1.2.46-1.el6_1.ppc.rpm
File outdated by:  RHSA-2012:0523
    MD5: a5456888eabe529e7e0533d3b42d5e5f
SHA-256: 2fe658f10d7d8326eaab1700b913ead708941fcf17322e00ed7da2e5f2eb6074
libpng-1.2.46-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 3a023c0a75738838f2705a91fbf10a6b
SHA-256: 053493800bb82b0898f0b928b12896fff38f9674b0a909b47ba3402bc349b501
libpng-debuginfo-1.2.46-1.el6_1.ppc.rpm
File outdated by:  RHSA-2012:0523
    MD5: 52b263dabb186691875b1b2d6510c324
SHA-256: 7a2e3e2c93b0245a4e93e8b3e335703f4f4d4537cd270199e91b6d446837055c
libpng-debuginfo-1.2.46-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2012:0523
    MD5: e1ec17eaf2302432690aead3d51d1351
SHA-256: 61bd8d37ba577e267d06687337091fec9ed284a99f9dcce00a16ae4945e4924d
libpng-devel-1.2.46-1.el6_1.ppc.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4a64028a4d74201478349111e6434ae0
SHA-256: 640d11070be6c1a8ac9a0f08a6f021146ac1b3e8e644681f62812075c24c5418
libpng-devel-1.2.46-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 78dd7208a9680fbd547153194b3d3447
SHA-256: cf26c5d40ddef8c367482d183f8471251362098d43646052ac0c30527888af46
libpng-static-1.2.46-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4722d0084cfc0a9de0d00bde5d761de5
SHA-256: df8f6f34ed1f497ff81547891c80ffa286c6dd4ae6cf2402b60d4b7f1a1efa10
 
s390x:
libpng-1.2.46-1.el6_1.s390.rpm
File outdated by:  RHSA-2012:0523
    MD5: 5c9ec6c00655431392e3753b4d5f4c78
SHA-256: cb1105d9c7a82e74553b38dd7d37764c01087fc859e40528325a27d95c44d07b
libpng-1.2.46-1.el6_1.s390x.rpm
File outdated by:  RHSA-2012:0523
    MD5: 81d5693bc1be19348cc272dea4eb9add
SHA-256: 5029d0c420ed98341b0584a06da66f0e7d27ed08eb8b78783b375fbcc2d82228
libpng-debuginfo-1.2.46-1.el6_1.s390.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4ef362a25c9476e3357cfc71e91572bb
SHA-256: e853c375f14d76b3463c88d564c3e8050c2273a95118bb5acd0b7ac0e43ddd12
libpng-debuginfo-1.2.46-1.el6_1.s390x.rpm
File outdated by:  RHSA-2012:0523
    MD5: e4e01a4320885da93c4670089d92ad09
SHA-256: 095c456acd308d19a8f15cc247482dd0ea2f05973a388311cf9ba653bf268c72
libpng-devel-1.2.46-1.el6_1.s390.rpm
File outdated by:  RHSA-2012:0523
    MD5: b48a6dc4e30c61311c391d4e26217508
SHA-256: 596f1645967ff56504df105d00da0911c2b24860fd8bd1767fdbd8e9360275d5
libpng-devel-1.2.46-1.el6_1.s390x.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4ffd50d53005d403a727c7c49f2f295b
SHA-256: a97fcffafad519cbffe9021218c8a5ff425cbf1dd9f0fc6a42fda5c170124b76
libpng-static-1.2.46-1.el6_1.s390x.rpm
File outdated by:  RHSA-2012:0523
    MD5: afa14a6224af7e25c691d63e8008cecf
SHA-256: b7025564d5cb98c2e8f5c9279b147ddfa99a48d32b569d54b45a3dd4388d5d52
 
x86_64:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4f05e9fdaa45f93073d73009b14d4e41
SHA-256: 976dde3fd25037afd5dc7e9d61dd1ae11c9025196e1753bbb7b0a7adc6c7bc05
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-debuginfo-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 16b8d55943ff4b91ef42ca02184a4b3f
SHA-256: 0bf527f3d48079a90e6c99b2351807bc17c9f80517497b089261237247d3b2c0
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-devel-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 76f364aa456a1e9091186fd59307fc4c
SHA-256: e5d3875937c6e0a4729107b22dba2eebc5c43b052fedd93f2331da6f95b24deb
libpng-static-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 10f79b875738f1ef809460d9601ed477
SHA-256: fd4770765c638172fc65b9cc1a201e40b042bd49ccc3139bb133524a94e6faa4
 
Red Hat Enterprise Linux Server EUS (v. 6.1.z)

SRPMS:
libpng-1.2.46-1.el6_1.src.rpm
File outdated by:  RHSA-2012:0523
    MD5: cb5bd52cb76e0d4b2d53612957a82b18
SHA-256: 0bbf5fcdb7d19b8056b6176bc7a7038973ef2e64487b193af2170d1a2b301f06
 
IA-32:
libpng-1.2.46-1.el6_1.i686.rpm     MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm     MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-devel-1.2.46-1.el6_1.i686.rpm     MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-static-1.2.46-1.el6_1.i686.rpm     MD5: 11d018340d57cd29e44b60dca4c66dc9
SHA-256: 0b8dfb8b4c67a5cb5484c41780e757426ee09d3982e1c6e43202be803c5edcf2
 
PPC:
libpng-1.2.46-1.el6_1.ppc.rpm     MD5: a5456888eabe529e7e0533d3b42d5e5f
SHA-256: 2fe658f10d7d8326eaab1700b913ead708941fcf17322e00ed7da2e5f2eb6074
libpng-1.2.46-1.el6_1.ppc64.rpm     MD5: 3a023c0a75738838f2705a91fbf10a6b
SHA-256: 053493800bb82b0898f0b928b12896fff38f9674b0a909b47ba3402bc349b501
libpng-debuginfo-1.2.46-1.el6_1.ppc.rpm     MD5: 52b263dabb186691875b1b2d6510c324
SHA-256: 7a2e3e2c93b0245a4e93e8b3e335703f4f4d4537cd270199e91b6d446837055c
libpng-debuginfo-1.2.46-1.el6_1.ppc64.rpm     MD5: e1ec17eaf2302432690aead3d51d1351
SHA-256: 61bd8d37ba577e267d06687337091fec9ed284a99f9dcce00a16ae4945e4924d
libpng-devel-1.2.46-1.el6_1.ppc.rpm     MD5: 4a64028a4d74201478349111e6434ae0
SHA-256: 640d11070be6c1a8ac9a0f08a6f021146ac1b3e8e644681f62812075c24c5418
libpng-devel-1.2.46-1.el6_1.ppc64.rpm     MD5: 78dd7208a9680fbd547153194b3d3447
SHA-256: cf26c5d40ddef8c367482d183f8471251362098d43646052ac0c30527888af46
libpng-static-1.2.46-1.el6_1.ppc64.rpm     MD5: 4722d0084cfc0a9de0d00bde5d761de5
SHA-256: df8f6f34ed1f497ff81547891c80ffa286c6dd4ae6cf2402b60d4b7f1a1efa10
 
s390x:
libpng-1.2.46-1.el6_1.s390.rpm     MD5: 5c9ec6c00655431392e3753b4d5f4c78
SHA-256: cb1105d9c7a82e74553b38dd7d37764c01087fc859e40528325a27d95c44d07b
libpng-1.2.46-1.el6_1.s390x.rpm     MD5: 81d5693bc1be19348cc272dea4eb9add
SHA-256: 5029d0c420ed98341b0584a06da66f0e7d27ed08eb8b78783b375fbcc2d82228
libpng-debuginfo-1.2.46-1.el6_1.s390.rpm     MD5: 4ef362a25c9476e3357cfc71e91572bb
SHA-256: e853c375f14d76b3463c88d564c3e8050c2273a95118bb5acd0b7ac0e43ddd12
libpng-debuginfo-1.2.46-1.el6_1.s390x.rpm     MD5: e4e01a4320885da93c4670089d92ad09
SHA-256: 095c456acd308d19a8f15cc247482dd0ea2f05973a388311cf9ba653bf268c72
libpng-devel-1.2.46-1.el6_1.s390.rpm     MD5: b48a6dc4e30c61311c391d4e26217508
SHA-256: 596f1645967ff56504df105d00da0911c2b24860fd8bd1767fdbd8e9360275d5
libpng-devel-1.2.46-1.el6_1.s390x.rpm     MD5: 4ffd50d53005d403a727c7c49f2f295b
SHA-256: a97fcffafad519cbffe9021218c8a5ff425cbf1dd9f0fc6a42fda5c170124b76
libpng-static-1.2.46-1.el6_1.s390x.rpm     MD5: afa14a6224af7e25c691d63e8008cecf
SHA-256: b7025564d5cb98c2e8f5c9279b147ddfa99a48d32b569d54b45a3dd4388d5d52
 
x86_64:
libpng-1.2.46-1.el6_1.i686.rpm     MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-1.2.46-1.el6_1.x86_64.rpm     MD5: 4f05e9fdaa45f93073d73009b14d4e41
SHA-256: 976dde3fd25037afd5dc7e9d61dd1ae11c9025196e1753bbb7b0a7adc6c7bc05
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm     MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-debuginfo-1.2.46-1.el6_1.x86_64.rpm     MD5: 16b8d55943ff4b91ef42ca02184a4b3f
SHA-256: 0bf527f3d48079a90e6c99b2351807bc17c9f80517497b089261237247d3b2c0
libpng-devel-1.2.46-1.el6_1.i686.rpm     MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-devel-1.2.46-1.el6_1.x86_64.rpm     MD5: 76f364aa456a1e9091186fd59307fc4c
SHA-256: e5d3875937c6e0a4729107b22dba2eebc5c43b052fedd93f2331da6f95b24deb
libpng-static-1.2.46-1.el6_1.x86_64.rpm     MD5: 10f79b875738f1ef809460d9601ed477
SHA-256: fd4770765c638172fc65b9cc1a201e40b042bd49ccc3139bb133524a94e6faa4
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libpng-1.2.46-1.el6_1.src.rpm
File outdated by:  RHSA-2012:0523
    MD5: cb5bd52cb76e0d4b2d53612957a82b18
SHA-256: 0bbf5fcdb7d19b8056b6176bc7a7038973ef2e64487b193af2170d1a2b301f06
 
IA-32:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-static-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 11d018340d57cd29e44b60dca4c66dc9
SHA-256: 0b8dfb8b4c67a5cb5484c41780e757426ee09d3982e1c6e43202be803c5edcf2
 
x86_64:
libpng-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: 6a075a38be18bcc8c5b89cf9954c564a
SHA-256: d7c2517ab38f27cdb823a500039bc1debc767acbf84f73bdf0cfadce97bbbca9
libpng-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 4f05e9fdaa45f93073d73009b14d4e41
SHA-256: 976dde3fd25037afd5dc7e9d61dd1ae11c9025196e1753bbb7b0a7adc6c7bc05
libpng-debuginfo-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: dafde3f59489924430e803fae200e909
SHA-256: c2a684112b465aec805a7637973863f691d6671615229f0d99d366a7e0ecce45
libpng-debuginfo-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 16b8d55943ff4b91ef42ca02184a4b3f
SHA-256: 0bf527f3d48079a90e6c99b2351807bc17c9f80517497b089261237247d3b2c0
libpng-devel-1.2.46-1.el6_1.i686.rpm
File outdated by:  RHSA-2012:0523
    MD5: eace5efc53d564becea710e80f99ef7a
SHA-256: 6d0cdccbd7fbc23c5d8fb320f35cefcc51f4562f5ecfc6e8c04c51db96577d80
libpng-devel-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 76f364aa456a1e9091186fd59307fc4c
SHA-256: e5d3875937c6e0a4729107b22dba2eebc5c43b052fedd93f2331da6f95b24deb
libpng-static-1.2.46-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2012:0523
    MD5: 10f79b875738f1ef809460d9601ed477
SHA-256: fd4770765c638172fc65b9cc1a201e40b042bd49ccc3139bb133524a94e6faa4
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

717084 - CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+
720607 - CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray
720612 - CVE-2011-2692 libpng: Invalid read when handling empty sCAL chunks


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/