libpng16-16-1.6.37-3.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10972-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libpng16-16-1.6.37-3.3 on GA media These are all security issues fixed in the libpng16-16-1.6.37-3.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10972 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2006-5793/ SUSE CVE CVE-2006-5793 page https://www.suse.com/security/cve/CVE-2008-3964/ SUSE CVE CVE-2008-3964 page https://www.suse.com/security/cve/CVE-2009-0040/ SUSE CVE CVE-2009-0040 page https://www.suse.com/security/cve/CVE-2016-10087/ SUSE CVE CVE-2016-10087 page https://www.suse.com/security/cve/CVE-2016-5735/ SUSE CVE CVE-2016-5735 page https://www.suse.com/security/cve/CVE-2017-12652/ SUSE CVE CVE-2017-12652 page https://www.suse.com/security/cve/CVE-2018-13785/ SUSE CVE CVE-2018-13785 page https://www.suse.com/security/cve/CVE-2018-14048/ SUSE CVE CVE-2018-14048 page https://www.suse.com/security/cve/CVE-2019-7317/ SUSE CVE CVE-2019-7317 page openSUSE Tumbleweed libpng16-16-1.6.37-3.3 libpng16-16-32bit-1.6.37-3.3 libpng16-compat-devel-1.6.37-3.3 libpng16-compat-devel-32bit-1.6.37-3.3 libpng16-devel-1.6.37-3.3 libpng16-devel-32bit-1.6.37-3.3 libpng16-tools-1.6.37-3.3 libpng16-16-1.6.37-3.3 as a component of openSUSE Tumbleweed libpng16-16-32bit-1.6.37-3.3 as a component of openSUSE Tumbleweed libpng16-compat-devel-1.6.37-3.3 as a component of openSUSE Tumbleweed libpng16-compat-devel-32bit-1.6.37-3.3 as a component of openSUSE Tumbleweed libpng16-devel-1.6.37-3.3 as a component of openSUSE Tumbleweed libpng16-devel-32bit-1.6.37-3.3 as a component of openSUSE Tumbleweed libpng16-tools-1.6.37-3.3 as a component of openSUSE Tumbleweed The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. CVE-2006-5793 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 low 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2006-5793.html CVE-2006-5793 https://bugzilla.suse.com/219007 SUSE Bug 219007 https://bugzilla.suse.com/222859 SUSE Bug 222859 Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c. CVE-2008-3964 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2008-3964.html CVE-2008-3964 https://bugzilla.suse.com/424739 SUSE Bug 424739 The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. CVE-2009-0040 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-0040.html CVE-2009-0040 https://bugzilla.suse.com/472745 SUSE Bug 472745 https://bugzilla.suse.com/478625 SUSE Bug 478625 https://bugzilla.suse.com/608040 SUSE Bug 608040 The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure. CVE-2016-10087 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 low 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-10087.html CVE-2016-10087 https://bugzilla.suse.com/1017646 SUSE Bug 1017646 https://bugzilla.suse.com/1149680 SUSE Bug 1149680 Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. CVE-2016-5735 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5735.html CVE-2016-5735 https://bugzilla.suse.com/1173616 SUSE Bug 1173616 libpng before 1.6.32 does not properly check the length of chunks against the user limit. CVE-2017-12652 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 low 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12652.html CVE-2017-12652 https://bugzilla.suse.com/1141493 SUSE Bug 1141493 In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. CVE-2018-13785 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-13785.html CVE-2018-13785 https://bugzilla.suse.com/1100687 SUSE Bug 1100687 https://bugzilla.suse.com/1112153 SUSE Bug 1112153 https://bugzilla.suse.com/1116574 SUSE Bug 1116574 An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. CVE-2018-14048 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14048.html CVE-2018-14048 https://bugzilla.suse.com/1101418 SUSE Bug 1101418 png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. CVE-2019-7317 openSUSE Tumbleweed:libpng16-16-1.6.37-3.3 openSUSE Tumbleweed:libpng16-16-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-1.6.37-3.3 openSUSE Tumbleweed:libpng16-devel-32bit-1.6.37-3.3 openSUSE Tumbleweed:libpng16-tools-1.6.37-3.3 low 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-7317.html CVE-2019-7317 https://bugzilla.suse.com/1124211 SUSE Bug 1124211 https://bugzilla.suse.com/1135824 SUSE Bug 1135824 https://bugzilla.suse.com/1141780 SUSE Bug 1141780 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 https://bugzilla.suse.com/1165297 SUSE Bug 1165297