Slackware Advisory SSA:2004-222-01 Libpng Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-222-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-222-01

Insight

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. These issues could cause program crashes, or possibly allow arbitrary code embedded in a malicious PNG image to execute. The PNG library is widely used within the system, so all sites should upgrade to the new libpng package. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

Severity

Classification

CVE CVE-2004-0597, CVE-2004-0598, CVE-2004-0599
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2004-296-01 gaim
Slackware Advisory SSA:2004-043-02 XFree86 security update
Slackware Advisory SSA:2005-111-04 Mozilla/Firefox
Slackware Advisory SSA:2004-266-02 GTK+ image loading flaws
Slackware Advisory SSA:2006-155-01 mysql

Slackware Advisory SSA:2004-222-01 libpng

Take action and discover your vulnerabilities