ELSA-2026-4728

ULN >
Oracle Linux Errata repository >
ELSA-2026-4728

ELSA-2026-4728 - libpng security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-03-17

Description

[2:1.6.34-10]
- fix CVE-2026-25646: heap buffer overflow in png_set_quantize (RHEL-148338)
- fix CVE-2026-22695: heap buffer over-read in png_image_finish_read (RHEL-148852)
- fix CVE-2026-22801: heap buffer over-read in png_image_write_*bit (RHEL-146659)

Related CVEs

CVE-2026-22695

CVE-2026-22801

CVE-2026-25646

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	libpng-1.6.34-10.el8_10.src.rpm	0c1a4f1d1357c9b9f5d22ab230fc21729940caa24d43a70d0dfea3bca0d74ccb	-	ol8_aarch64_baseos_latest
	libpng-1.6.34-10.el8_10.src.rpm	0c1a4f1d1357c9b9f5d22ab230fc21729940caa24d43a70d0dfea3bca0d74ccb	-	ol8_aarch64_u10_baseos_patch
	libpng-1.6.34-10.el8_10.aarch64.rpm	8d5f12d37f367fa35ae6572178c2a1f8d13858a789ab8a7f976b85751928122f	-	ol8_aarch64_baseos_latest
	libpng-1.6.34-10.el8_10.aarch64.rpm	8d5f12d37f367fa35ae6572178c2a1f8d13858a789ab8a7f976b85751928122f	-	ol8_aarch64_u10_baseos_patch
	libpng-devel-1.6.34-10.el8_10.aarch64.rpm	4df6064b957cbad59b1de73fb7199b60d488037349812fb240ec42711e1f0669	-	ol8_aarch64_baseos_latest
	libpng-devel-1.6.34-10.el8_10.aarch64.rpm	4df6064b957cbad59b1de73fb7199b60d488037349812fb240ec42711e1f0669	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	libpng-1.6.34-10.el8_10.src.rpm	0c1a4f1d1357c9b9f5d22ab230fc21729940caa24d43a70d0dfea3bca0d74ccb	-	ol8_x86_64_baseos_latest
	libpng-1.6.34-10.el8_10.src.rpm	0c1a4f1d1357c9b9f5d22ab230fc21729940caa24d43a70d0dfea3bca0d74ccb	-	ol8_x86_64_u10_baseos_patch
	libpng-1.6.34-10.el8_10.i686.rpm	b7f4c40c7752107cfec42e575516bbd5f1de287a692ac87807059f17e15500b3	-	ol8_x86_64_baseos_latest
	libpng-1.6.34-10.el8_10.i686.rpm	b7f4c40c7752107cfec42e575516bbd5f1de287a692ac87807059f17e15500b3	-	ol8_x86_64_u10_baseos_patch
	libpng-1.6.34-10.el8_10.x86_64.rpm	e153902e55a0a5914ae764fba522195b9210921c82f1fcd9491cda43136ea570	-	ol8_x86_64_baseos_latest
	libpng-1.6.34-10.el8_10.x86_64.rpm	e153902e55a0a5914ae764fba522195b9210921c82f1fcd9491cda43136ea570	-	ol8_x86_64_u10_baseos_patch
	libpng-devel-1.6.34-10.el8_10.i686.rpm	8670cb5419cc023d1bc54a0473dd654f6b1d86191a563495f9c62b26631c54ab	-	ol8_x86_64_baseos_latest
	libpng-devel-1.6.34-10.el8_10.i686.rpm	8670cb5419cc023d1bc54a0473dd654f6b1d86191a563495f9c62b26631c54ab	-	ol8_x86_64_u10_baseos_patch
	libpng-devel-1.6.34-10.el8_10.x86_64.rpm	61c48e538d82df7c4522f3f0fa3fbf9a8cdc7f92ab974c8e0662bc4c48946327	-	ol8_x86_64_baseos_latest
	libpng-devel-1.6.34-10.el8_10.x86_64.rpm	61c48e538d82df7c4522f3f0fa3fbf9a8cdc7f92ab974c8e0662bc4c48946327	-	ol8_x86_64_u10_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691