ELBA-2021-15746

ELBA-2021-15746 - pngcheck Bug Fix update

Type:BUG
Impact:NA
Release Date:2021-07-21

Description


[2.4.0-8]
- Backport fix for RHBZ#1949800 from upstream release 3.0.3

[2.4.0-7]
- Fix buffer overflow on large MNG LOOP chunk (RHBZ#1908559)

[2.4.0-6]
- Fix a buffer overrun for certain invalid MNG PPLT chunk contents
(RHBZ#1907428).

[2.4.0-5]
- Previous fix for buffer overrun printing the contents of the sPLT chunk in
certain malformed inputs (RHBZ#1905775) was incomplete; it should be properly
fixed now.

[2.4.0-4]
- Bounds-check all accesses into enumerated-value name arrays; a malformed file
could have caused a buffer overrun in several of these cases. (RHBZ#1902810)
- Fix buffer overrun when print_buffer() is passed a nonpositive size, which
can occur in practice for certain malformed inputs. (RHBZ#1902810)
- In some cases, the chunk length from the file data (sz) is used to index into
the read buffer without sufficient bounds-checking, leading to a buffer
overrun. Fix this for PPLT, hIST, sCAL, FRAM, SAVE, nEED, PAST, DISC, DROP,
DBYK, ORDR, and SEEK chunks. (RHBZ#1902810)
- Fix buffer overrun printing the contents of the sPLT chunk in certain
malformed inputs. (RHBZ#1905775)




Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) pngcheck-2.4.0-8.el8.src.rpmf4335a9f7d9a22c121d6c37bc3dcab66455d6f12d16e2d3b86d9442dc3a5ed35-ol8_aarch64_developer_EPEL
pngcheck-2.4.0-8.el8.aarch64.rpm564c8279f5854b2d0cbd54e8fe984aa70079888a7b69895056b86005841ca0e5-ol8_aarch64_developer_EPEL
pngcheck-extras-2.4.0-8.el8.aarch64.rpm185b75884b0977ed0b731fbbfb987ca9e08fbe3df0b5e48b65e5441486a9ffe4-ol8_aarch64_developer_EPEL
Oracle Linux 8 (x86_64) pngcheck-2.4.0-8.el8.src.rpmf4335a9f7d9a22c121d6c37bc3dcab66455d6f12d16e2d3b86d9442dc3a5ed35-ol8_x86_64_developer_EPEL
pngcheck-2.4.0-8.el8.x86_64.rpm909caa6e6950b18683b2ce5f849f3b0f6ad797aed7fe7ec3b023939c8628313b-ol8_x86_64_developer_EPEL
pngcheck-extras-2.4.0-8.el8.x86_64.rpm6cae99259fcfbf02868740e62df5f0712b307b0948419d8d7fc74f2651488dfd-ol8_x86_64_developer_EPEL



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete