ELSA-2026-0241

ULN >
Oracle Linux Errata repository >
ELSA-2026-0241

ELSA-2026-0241 - libpng security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-01-07

Description

[2:1.6.34-9]
- CVE-2025-64720: buffer overflow (RHEL-131452)
- CVE-2025-65018: heap buffer overflow (RHEL-131465)
- CVE-2025-66293: out-of-bounds read in png_image_read_composite (RHEL-133226)

[2:1.6.34-8]
- Remove redundant fix for CVE-2017-12652

[2:1.6.34-7]
- Add upstream test suite and enable it in gating

[2:1.6.34-6]
- Fix CVE-2017-12652 (#1744871)

Related CVEs

CVE-2025-64720

CVE-2025-65018

CVE-2025-66293

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	libpng-1.6.34-9.el8_10.src.rpm	53f634ea8460c5dc233d616bcc5492a6584ec0b15444621711fd76af12996eab	-	ol8_aarch64_baseos_latest
	libpng-1.6.34-9.el8_10.src.rpm	53f634ea8460c5dc233d616bcc5492a6584ec0b15444621711fd76af12996eab	-	ol8_aarch64_u10_baseos_patch
	libpng-1.6.34-9.el8_10.aarch64.rpm	ae8c5d95fe5785c15df7eaaf7f1622164560fe0d661ac5e8e1834d2721c91098	-	ol8_aarch64_baseos_latest
	libpng-1.6.34-9.el8_10.aarch64.rpm	ae8c5d95fe5785c15df7eaaf7f1622164560fe0d661ac5e8e1834d2721c91098	-	ol8_aarch64_u10_baseos_patch
	libpng-devel-1.6.34-9.el8_10.aarch64.rpm	1ef4f25d14dfaff510b4911c5ac0306bd1899e195b60bec33f751571504c807c	-	ol8_aarch64_baseos_latest
	libpng-devel-1.6.34-9.el8_10.aarch64.rpm	1ef4f25d14dfaff510b4911c5ac0306bd1899e195b60bec33f751571504c807c	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	libpng-1.6.34-9.el8_10.src.rpm	53f634ea8460c5dc233d616bcc5492a6584ec0b15444621711fd76af12996eab	-	ol8_x86_64_baseos_latest
	libpng-1.6.34-9.el8_10.src.rpm	53f634ea8460c5dc233d616bcc5492a6584ec0b15444621711fd76af12996eab	-	ol8_x86_64_u10_baseos_patch
	libpng-1.6.34-9.el8_10.i686.rpm	a323c861ba762175c0afcdbcb5929137b217e34ecaecce33e45a60ac63e27ce0	-	ol8_x86_64_baseos_latest
	libpng-1.6.34-9.el8_10.i686.rpm	a323c861ba762175c0afcdbcb5929137b217e34ecaecce33e45a60ac63e27ce0	-	ol8_x86_64_u10_baseos_patch
	libpng-1.6.34-9.el8_10.x86_64.rpm	3fcddc836735c1b483041495bdb2a0fa837624d9aaf06fa8d625f22382cc8837	-	ol8_x86_64_baseos_latest
	libpng-1.6.34-9.el8_10.x86_64.rpm	3fcddc836735c1b483041495bdb2a0fa837624d9aaf06fa8d625f22382cc8837	-	ol8_x86_64_u10_baseos_patch
	libpng-devel-1.6.34-9.el8_10.i686.rpm	6dd912fcdf26827b928a9748b320f655f997f33738cf619e5c997b7ba987abcf	-	ol8_x86_64_baseos_latest
	libpng-devel-1.6.34-9.el8_10.i686.rpm	6dd912fcdf26827b928a9748b320f655f997f33738cf619e5c997b7ba987abcf	-	ol8_x86_64_u10_baseos_patch
	libpng-devel-1.6.34-9.el8_10.x86_64.rpm	2837a2ce7191b0506a681870ee1d222ab5ca91249cdd19824b817b710b9cdff9	-	ol8_x86_64_baseos_latest
	libpng-devel-1.6.34-9.el8_10.x86_64.rpm	2837a2ce7191b0506a681870ee1d222ab5ca91249cdd19824b817b710b9cdff9	-	ol8_x86_64_u10_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691