Overview

File _patchinfo of Package patchinfo.312

<patchinfo incident="312">
  <issue id="912929" tracker="bnc">CVE-2015-0973: Heap-buffer overflow png_combine_row() with very wide interlaced images</issue>
  <issue id="912076" tracker="bnc">CVE-2014-9495: Overflow in png_read_IDAT_data</issue>
  <issue id="CVE-2015-0973" tracker="cve" />
  <issue id="CVE-2014-9495" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <description>
  This update fixes the following security issues:

  * CVE-2014-9495: libpng versions heap overflow vulnerability, that under certain circumstances could be exploit. [bnc#912076]

  * CVE-2015-0973: A heap-based overflow was found in the png_combine_row() function of the libpng library, when very large interlaced images were used.[bnc#912929]

</description>
  <summary>Security update for libpng16</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places