Stay Connected:

ELSA-2026-0238

ELSA-2026-0238 - libpng security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-01-07

Description


[2:1.6.37-12.1]
- CVE-2025-64720: buffer overflow (RHEL-131580)
- CVE-2025-65018: heap buffer overflow (RHEL-131593)
- CVE-2025-66293: out-of-bounds read in png_image_read_composite (RHEL-133287)


Related CVEs


CVE-2025-64720
CVE-2025-65018
CVE-2025-66293

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) libpng-1.6.37-12.el9_7.1.src.rpm49f0a5c7ca9897f95228eb3bed6a5ac2605216313b2862af5919b332748f1a29-ol9_aarch64_appstream
libpng-1.6.37-12.el9_7.1.src.rpm49f0a5c7ca9897f95228eb3bed6a5ac2605216313b2862af5919b332748f1a29-ol9_aarch64_baseos_latest
libpng-1.6.37-12.el9_7.1.src.rpm49f0a5c7ca9897f95228eb3bed6a5ac2605216313b2862af5919b332748f1a29-ol9_aarch64_u7_baseos_patch
libpng-1.6.37-12.el9_7.1.aarch64.rpm273b3e642e5df74d653d3a3cf4f0a0c8e083dafdaf986dd8bd760789847f1886-ol9_aarch64_baseos_latest
libpng-1.6.37-12.el9_7.1.aarch64.rpm273b3e642e5df74d653d3a3cf4f0a0c8e083dafdaf986dd8bd760789847f1886-ol9_aarch64_u7_baseos_patch
libpng-devel-1.6.37-12.el9_7.1.aarch64.rpm8b0b356e59b8b7ab2ca857df15cbdbe60c72c740336e5bd83c0d572fa84b8804-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) libpng-1.6.37-12.el9_7.1.src.rpm49f0a5c7ca9897f95228eb3bed6a5ac2605216313b2862af5919b332748f1a29-ol9_x86_64_appstream
libpng-1.6.37-12.el9_7.1.src.rpm49f0a5c7ca9897f95228eb3bed6a5ac2605216313b2862af5919b332748f1a29-ol9_x86_64_baseos_latest
libpng-1.6.37-12.el9_7.1.src.rpm49f0a5c7ca9897f95228eb3bed6a5ac2605216313b2862af5919b332748f1a29-ol9_x86_64_u7_baseos_patch
libpng-1.6.37-12.el9_7.1.i686.rpm9cb9c9e34422f829c67921d4c8bc13bd60b72b20f4e22a300ab0089e5eca26c4-ol9_x86_64_baseos_latest
libpng-1.6.37-12.el9_7.1.i686.rpm9cb9c9e34422f829c67921d4c8bc13bd60b72b20f4e22a300ab0089e5eca26c4-ol9_x86_64_u7_baseos_patch
libpng-1.6.37-12.el9_7.1.x86_64.rpm8b79c11d5c10ed133877360c68dbcd3c4e1e965bbda3fa63b20511bfb2ea54ff-ol9_x86_64_baseos_latest
libpng-1.6.37-12.el9_7.1.x86_64.rpm8b79c11d5c10ed133877360c68dbcd3c4e1e965bbda3fa63b20511bfb2ea54ff-ol9_x86_64_u7_baseos_patch
libpng-devel-1.6.37-12.el9_7.1.i686.rpm357eb3120d9eecd4c063bf992ee93c719e60eeb394758e785b34eaca9394423e-ol9_x86_64_appstream
libpng-devel-1.6.37-12.el9_7.1.x86_64.rpm8ae3dd40ab74ceec60c493ab44da4a845295ea1c0783cb702f81019340c41d53-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights