--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-45
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 22 Aug 2007
Last revised: 22 Aug 2007

Package: libpng

Summary: Denial of service

More information:
   The libpng package contains a library of functions for creating and
   manipulating PNG (Portable Network Graphics) image format files.
   PNG is a bit-mapped graphics format similar to the GIF format.
   PNG was created to replace the GIF format, since GIF uses a patented
   data compression algorithm.

   The sPLT chunk handling code in libpng uses a sizeof operator on the
   wrong data type, which allows context-dependent attackers to cause a
   denial of service.
   The png_handle_tRNS function in libpng allows remote attackers to cause
   a denial of service (application crash) via a grayscale PNG image.

Impact:
   Context-dependent attackers can cause a denial of service.
   Remote attackers can cause a denial of service.

Affected Products:
   - wizpy
   - Turbolinux Appliance Server 2.0
   - Turbolinux FUJI
   - Turbolinux 10 Server x64 Edition
   - Turbolinux Appliance Server 1.0 Hosting Edition
   - Turbolinux Appliance Server 1.0 Workgroup Edition
   - Turbolinux 10 Server
   - Turbolinux Home
   - Turbolinux 10 F...
   - Turbolinux 10 Desktop
   - Turbolinux Multimedia
   - Turbolinux Personal
   - Turbolinux 8 Server


   Source Packages
   Size: MD5

   libpng-1.2.8-2.src.rpm
      398895 6b7da9eca35706e908bc456670099102

   Binary Packages
   Size: MD5

   libpng-1.2.8-2.i386.rpm
      176946 c5af8910f863c289a031c23b7644e4ae


   Source Packages
   Size: MD5

   libpng-1.2.6-6.src.rpm
      393909 efffadd550ef2513e6846f05eb606a43

   Binary Packages
   Size: MD5

   libpng-1.2.6-6.i586.rpm
      163404 e39856c8064f0a5eedfa3f7af0a52cdd
   libpng-devel-1.2.6-6.i586.rpm
      194371 c9a2d0d1101e09e65b1e1f40a7ad1896


   Source Packages
   Size: MD5

   libpng-1.2.8-2.src.rpm
      398895 6aa2e9d7e08e92797c1494178aca7665

   Binary Packages
   Size: MD5

   libpng-1.2.8-2.i686.rpm
      198662 8be2f2020d585c4ffd5a8a859c82545f
   libpng-devel-1.2.8-2.i686.rpm
      224111 e2297bc9a4fe64f208577c36bc863653


   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/libpng-1.2.6-6.src.rpm
      393909 bc471978fb38266cec345d17503b1cc2

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/libpng-1.2.6-6.x86_64.rpm
      168146 2ef8260c5bae1ad0118383bb8bbde33c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/libpng-debug-1.2.6-6.x86_64.rpm
      211110 1109af6cc85d4919348947b643da03d8
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/libpng-devel-1.2.6-6.x86_64.rpm
      199651 233608beab066ba02172bb9be0d2a4c5


   Source Packages
   Size: MD5

   libpng-1.2.4-7.src.rpm
      402870 97129cf9bba393e5847fd92c5d9b54f2

   Binary Packages
   Size: MD5

   libpng-1.2.4-7.i586.rpm
      135964 bbe7d417c25c920b7529001f674ab9c2


   Source Packages
   Size: MD5

   libpng-1.2.4-7.src.rpm
      402870 3f3d081f8fe551f17b7f284cc2da22fc

   Binary Packages
   Size: MD5

   libpng-1.2.4-7.i586.rpm
      136120 9f9447e2b757e0cd495e670d43d6c93e
   libpng-devel-1.2.4-7.i586.rpm
      159836 f1328f45faf36bd06acbc77a05bec442


   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/libpng-1.2.6-6.src.rpm
      393909 efffadd550ef2513e6846f05eb606a43

   Binary Packages
   Size: MD5

   libpng-1.2.6-6.i586.rpm
      163404 e39856c8064f0a5eedfa3f7af0a52cdd
   libpng-debug-1.2.6-6.i586.rpm
      212077 2f83f35a178d84b095cde6a852d8dd7a
   libpng-devel-1.2.6-6.i586.rpm
      194371 c9a2d0d1101e09e65b1e1f40a7ad1896


   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libpng-1.2.6-6.src.rpm
      393909 d35300fefaacae6ef8f46788b4f5fdca

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libpng-1.2.6-6.i586.rpm
      163328 fd8207433bfd46b09e968cbf0660c964
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libpng-devel-1.2.6-6.i586.rpm
      194323 c1f071ea985a254528f35a2917ed0a29


   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/libpng-1.2.4-7.src.rpm
      402870 ad76a1bd9e75beb7daff17c5a61b5b11

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libpng-1.2.4-7.i586.rpm
      136077 f4a359262a5e808356fa4015a4c25728
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libpng-devel-1.2.4-7.i586.rpm
      159862 93ac2a375a0e4eabc1e25d1f484190f0


References:

CVE
   [CVE-2006-5793]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
   [CVE-2007-2445]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445

--------------------------------------------------------------------------
Revision History
   22 Aug 2007 Initial release
--------------------------------------------------------------------------

Copyright(C) 2007 Turbolinux, Inc. All rights reserved.
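
The sPLT issue described under "More information" belongs to a general C bug class: a byte count computed with sizeof on the wrong type. The following is an added example, not libpng's code and not part of the advisory; palette_t, entry_t and the function names are hypothetical, and the direction of the mix-up (container type used where the element type was meant) is an assumption made for illustration. It shows the mismatched length beside a hardened copy whose size follows the destination pointer's type.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for a palette record and its entries. */
typedef struct { uint16_t red, green, blue, alpha, frequency; } entry_t;
typedef struct {
    char     name[80];
    uint8_t  depth;
    entry_t *entries;
    int32_t  nentries;
} palette_t;

/* Bug pattern: the byte count uses the container type. Because
 * sizeof(palette_t) > sizeof(entry_t), a memcpy of this length would
 * read past the end of the source entries array. */
size_t len_wrong_type(int32_t n) { return (size_t)n * sizeof(palette_t); }

/* Intended byte count: the element type. */
size_t len_element_type(int32_t n) { return (size_t)n * sizeof(entry_t); }

/* Hardened copy: rejects a bad count, guards the multiplication, and
 * uses sizeof *dst->entries so the size tracks the pointer's type.
 * Returns 0 on success, -1 on rejected input or allocation failure. */
int copy_entries(palette_t *dst, const palette_t *src)
{
    if (src->nentries <= 0 || src->entries == NULL)
        return -1;
    size_t n = (size_t)src->nentries;
    if (n > SIZE_MAX / sizeof *dst->entries)
        return -1;
    dst->entries = malloc(n * sizeof *dst->entries);
    if (dst->entries == NULL)
        return -1;
    memcpy(dst->entries, src->entries, n * sizeof *dst->entries);
    dst->nentries = src->nentries;
    dst->depth = src->depth;
    return 0;
}

int main(void)
{
    printf("3 entries: wrong-type length %zu bytes, element length %zu bytes\n",
           len_wrong_type(3), len_element_type(3));
    return 0;
}
```

Writing the size as sizeof *ptr rather than naming a type keeps the count correct even if the pointer's element type is changed later.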