Security
Security
Multiple vulnerabilities have been found in libpng, the worst of which may allow remote attackers to cause Denial of Service.
| Package | media-libs/libpng on all architectures |
|---|---|
| Affected versions | < 1.6.21 |
| Unaffected versions | >= 1.2.56 >= 1.5.26 >= 1.6.21 |
libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several other programs, including web browsers and potentially server processes.
Multiple vulnerabilities were found in libpng. Please review the referenced CVE’s for additional information.
Remote attackers could cause a Denial of Service condition or have other unspecified impacts.
There is no known workaround at this time.
All libpng 1.2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.56"
All libpng 1.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.5.26"
All libpng 1.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.6.21"