Overview

File _patchinfo of Package patchinfo.2767

<patchinfo>
  <issue id="873124" tracker="bnc">VUL-0: CVE-2013-7353: libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks()</issue>
  <issue id="873123" tracker="bnc">VUL-0: CVE-2013-7354: libpng: integer overflow leading to a heap-based buffer overflow in png_set_sPLT() and png_set_text_2()</issue>
  <issue id="CVE-2013-7353" tracker="cve" />
  <issue id="CVE-2013-7354" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This libpng12 update fixes the following two security issues.

- bnc#873123: Fixed integer overflow leading to a heap-based buffer 
  overflow in png_set_sPLT() and png_set_text_2() (CVE-2013-7354).
- bnc#873124: Fixed integer overflow leading to a heap-based buffer 
  overflow in png_set_unknown_chunks() (CVE-2013-7353). 
</description>
  <summary>update for libpng12</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places