[SECURITY] Fedora 20 Update: libpng15-1.5.17-2.fc20

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 11 23:05:02 UTC 2014


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-1803
2014-01-30 02:47:18
--------------------------------------------------------------------------------

Name        : libpng15
Product     : Fedora 20
Version     : 1.5.17
Release     : 2.fc20
URL         : http://www.libpng.org/pub/png/
Summary     : Old version of libpng, needed to run old binaries
Description :
The libpng15 package provides libpng 1.5, an older version of the libpng.
library for manipulating PNG (Portable Network Graphics) image format files.
This version should be used only if you are unable to use the current
version of libpng.

--------------------------------------------------------------------------------
Update Information:

Adding patch CVE-2013-6954 (#1056856)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Petr Hracek <phracek at redhat.com> - 1.5.17-2
- Adding patch CVE-2013-6954 (#1056856)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1056856 - CVE-2013-6954 libpng12: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1056856
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libpng15' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list