Updated optipng packages fix security vulnerabilities
Publication date: 13 Apr 2016Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7802 , CVE-2016-2191
Description
An updated optipng package fixes a number of bugs and security vulnerabilities. CVE-2015-7802 - Buffer over-read issue CVE-2016-2191 - An invalid write and segmentation fault may occur while processing bitmap images
References
- https://bugs.mageia.org/show_bug.cgi?id=16949
- https://sourceforge.net/p/optipng/bugs/53/
- http://openwall.com/lists/oss-security/2016/04/04/2
- http://optipng.sourceforge.net/history.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191
SRPMS
5/core
- optipng-0.7.6-1.mga5