libpng 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1236528630
업데이트 : 2009.03.09
상세내용
. CVE-2009-0040
A flaw was discovered in libpng that could result in libpng trying to
free() random memory if certain, unlikely error conditions occurred. If a
carefully-crafted PNG file was loaded by an application linked against
libpng, it could cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running the application.
. CVE-2008-1382
A flaw was discovered in the way libpng handled PNG images containing
"unknown" chunks. If an application linked against libpng attempted to
process a malformed, unknown chunk in a malicious PNG image, it could cause
the application to crash.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. libpng-1.0.14-8.i686.rpm
. libpng-devel-1.0.14-8.i686.rpm
SRPMS :
. libpng-1.0.14-8.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
|