23563 – optipng security issues

Bug 23563 - optipng security issues

Summary: optipng security issues

Status:	RESOLVED DUPLICATE of bug 22099

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Dan Fandrich
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2018-09-12 00:43 CEST by Dan Fandrich
Modified:	2018-09-12 00:57 CEST (History)
CC List:	0 users

See Also:
Source RPM:	optipng-0.7.6-1.1.mga6.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Dan Fandrich 2018-09-12 00:43:26 CEST

optipng 0.7.7 was released that fixes a number of security issues, including some integer and buffer overflows. Only some of these were patched in optipng-0.7.6-1.1.mga6

Comment 1 Dan Fandrich 2018-09-12 00:52:00 CEST

optipng-0.7.7-1.mga7 is available in Cauldron.

Component: RPM Packages => Security
Status: NEW => ASSIGNED
QA Contact: (none) => security
Whiteboard: (none) => MGA6TOO

Comment 2 Dan Fandrich 2018-09-12 00:57:04 CEST

Looks like I misread the release notes, and the only two issues that affect 0.7.6 were already fixed in Bug #22099.

Dan Fandrich 2018-09-12 00:57:11 CEST

Whiteboard: MGA6TOO => (none)

Comment 3 Dan Fandrich 2018-09-12 00:57:32 CEST

Dupe

*** This bug has been marked as a duplicate of bug 22099 ***

Status: ASSIGNED => RESOLVED
Resolution: (none) => DUPLICATE

Note You need to log in before you can comment on or make changes to this bug.