ELSA-2026-18064

ULN >
Oracle Linux Errata repository >
ELSA-2026-18064

ELSA-2026-18064 - libpng security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2026-05-18

Description

[2:1.6.40-8.4]
- fix CVE-2026-33416: use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE (RHEL-161324)

Related CVEs

CVE-2026-33416

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 10 (aarch64)	libpng-1.6.40-8.el10_1.4.src.rpm	2b824078ef7e469f708cda50dedc88d92edf3d896898157aa83d5ff15954df8c	-	ol10_aarch64_appstream
	libpng-1.6.40-8.el10_1.4.src.rpm	2b824078ef7e469f708cda50dedc88d92edf3d896898157aa83d5ff15954df8c	-	ol10_aarch64_baseos_latest
	libpng-1.6.40-8.el10_1.4.src.rpm	2b824078ef7e469f708cda50dedc88d92edf3d896898157aa83d5ff15954df8c	-	ol10_aarch64_u1_baseos_patch
	libpng-1.6.40-8.el10_1.4.aarch64.rpm	81cd71db0eca6ab4cf4f7a0fb1c40733d948541c0c406421df44f8a9066d7c42	-	ol10_aarch64_baseos_latest
	libpng-1.6.40-8.el10_1.4.aarch64.rpm	81cd71db0eca6ab4cf4f7a0fb1c40733d948541c0c406421df44f8a9066d7c42	-	ol10_aarch64_u1_baseos_patch
	libpng-devel-1.6.40-8.el10_1.4.aarch64.rpm	a3672b4406890be55669b225a3623c00c58b3e0661b77c144f8bf6dbc2de9b49	-	ol10_aarch64_appstream

Oracle Linux 10 (x86_64)	libpng-1.6.40-8.el10_1.4.src.rpm	2b824078ef7e469f708cda50dedc88d92edf3d896898157aa83d5ff15954df8c	-	ol10_x86_64_appstream
	libpng-1.6.40-8.el10_1.4.src.rpm	2b824078ef7e469f708cda50dedc88d92edf3d896898157aa83d5ff15954df8c	-	ol10_x86_64_baseos_latest
	libpng-1.6.40-8.el10_1.4.src.rpm	2b824078ef7e469f708cda50dedc88d92edf3d896898157aa83d5ff15954df8c	-	ol10_x86_64_u1_baseos_patch
	libpng-1.6.40-8.el10_1.4.x86_64.rpm	d5d89154162a3381cd9a110f431ecb37b63723fd062bb7b11277a3ab26ed9dd4	-	ol10_x86_64_baseos_latest
	libpng-1.6.40-8.el10_1.4.x86_64.rpm	d5d89154162a3381cd9a110f431ecb37b63723fd062bb7b11277a3ab26ed9dd4	-	ol10_x86_64_u1_baseos_patch
	libpng-devel-1.6.40-8.el10_1.4.x86_64.rpm	45d80cad11797e6ca12d785845ad713c39911004192be5687d3b6133e06fd9d4	-	ol10_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691