summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2004-05-09 06:32:31 +0000
committerNed Ludd <solar@gentoo.org>2004-05-09 06:32:31 +0000
commit4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c (patch)
treef7c6ccaed6a04647bff8934326c7d3472ed4f16d
parentThe library provides 2 calls png_chunk_error and png_chunk_warning for defaul... (diff)
downloadgentoo-2-4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c.tar.gz
gentoo-2-4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c.tar.bz2
gentoo-2-4f1a4efb84b44ec866c845ae5d48f5284b9e9a6c.zip
The library provides 2 calls png_chunk_error and png_chunk_warning for default error and warning messages handling. Inside the code a fixed size buffer is used and 64 bytes are used to store the caller supplied message. But there are no bounds checking and this limitation is not documented. Programs linked against libpng may crash or even execute arbitrary code if the caller message is dependent on external inputs. Bugzilla bug #49887 (Manifest recommit)
-rw-r--r--media-libs/libpng/Manifest2
1 files changed, 1 insertions, 1 deletions
diff --git a/media-libs/libpng/Manifest b/media-libs/libpng/Manifest
index e965e0e5b45a..e0f0c5c6aa6d 100644
--- a/media-libs/libpng/Manifest
+++ b/media-libs/libpng/Manifest
@@ -1,4 +1,4 @@
-MD5 aea71e9b1a67a7694353a48e1d477d33 ChangeLog 6188
+MD5 369f6fe9ea3ee2de1f8f5f337cda4f85 ChangeLog 6741
MD5 715d8c5f921a8315141902b4ae0e4f2d libpng-1.0.12-r2.ebuild 958
MD5 a7e44158011831ead567a1478a9cdd09 libpng-1.0.15-r1.ebuild 1858
MD5 dd70c9bd9d3707ce120546479724d61b libpng-1.0.15.ebuild 1797