[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
bugzilla at redhat.com
bugzilla at redhat.com
Tue Jun 29 20:54:44 UTC 2010
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=608644
--- Comment #16 from Vincent Danen <vdanen at redhat.com> 2010-06-29 16:54:43 EDT ---
(In reply to comment #10)
> Yes, it does. Upstream has declared end-of-life for libpng10 and does
> not plan any more updates, even for security, as announced back in
> February. If that is a hardship, you can complain to png-mng-implemement at
> lists.sf.net, explain why you still need libpng10, and we might revisit the
> decision.
>
> We also plan to abandon libpng12 at the end of 2010.
We have libpng10 packages in Red Hat Enterprise Linux 3 and 4, used by things
like gnome-libs (both) and Gtk-Perl, gimp (RHEL3-only), so we have to support
libpng10 until those distributions reach end-of-life.
It isn't necessarily a hardship, but other vendors may be in the same position
with regards to supporting libpng10 and libpng12 (we will be supporting
libpng12 for many years to come yet). Abandoning libpng12 at the end of this
year might be something we should bring up (perhaps some kind of maintenance
for security issues alone).
Thanks for that information.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the mingw
mailing list