_*CR:*_
6755267 multiple security vulnerabilities in libpng before 1.2.32
_*Product :*_
JDS
_*OS:*_
OpenSolaris
_*Changed files :*_
SUNWpng.spec
Tarballs to be added :
libpng-1.0.43.tar.bz2
libpng-1.2.35.tar.bz2
_*Description of change :*_
All versions of libpng from 0.89c through 1.2.34 contain an
uninitialized-data bug that can be triggered by a malicious user.
Specifically, there are several instances in which a malloc'd array of
pointers is then initialized by a secondary sequence of malloc()
calls. If one of these calls fails, libpng's cleanup routine will
attempt to free the entire array, including any uninitialized pointers,
which could lead to execution of an attacker's code with the
privileges of the libpng user (including remote compromise in the case
of a libpng-based browser visiting a hostile web site).
The current release libpng 1.0.43/1.2.35 has the fix. So upgrade
libpng tarballs to 1.0.43/1.2.35.
*++ spec-diff:*
Diff between libpng10.spec files used to build:
--- base-specs-orig/libpng10.spec 2009-04-20 17:39:33.886885000 +0530
+++ base-specs/libpng10.spec 2009-04-20 17:46:20.937636000 +0530
@@ -1,7 +1,7 @@
#
# spec file for package libpng10
#
-# Copyright 2007 Sun Microsystems, Inc.
+# Copyright 2009 Sun Microsystems, Inc.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
@@ -10,7 +10,7 @@
Name: libpng10
License: other
Group: System/Libraries
-Version: 1.0.26
+Version: 1.0.43
Release: 1
Distribution: Java Desktop System
Vendor: Sun Microsystems, Inc.
@@ -85,5 +85,7 @@
%{_mandir}/*
%changelog
+* Mon Apr 21 2009 - abhijit.nath at sun.com
+- bump to 1.0.43
* Thu May 17 2007 - laca at sun.com
- Create
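Review bot: The added changelog header `* Mon Apr 21 2009` has a weekday that does not match its date: April 21, 2009 was a Tuesday. Use `Tue Apr 21 2009`, or `Mon Apr 20 2009` if the entry is meant to carry the date of the change, which the diff timestamps put on 2009-04-20.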
Diff between libpng12.spec files used to build :
--- base-specs-orig/libpng12.spec 2009-04-20 17:39:34.278065000 +0530
+++ base-specs/libpng12.spec 2009-04-20 17:50:56.556352000 +0530
@@ -1,7 +1,7 @@
#
# spec file for package libpng12
#
-# Copyright 2007 Sun Microsystems, Inc.
+# Copyright 2009 Sun Microsystems, Inc.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
@@ -10,7 +10,7 @@
Name: libpng10
License: other
Group: System/Libraries
-Version: 1.2.18
+Version: 1.2.35
Release: 1
Distribution: Java Desktop System
Vendor: Sun Microsystems, Inc.
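Review bot: The context line `Name: libpng10` in this hunk is in libpng12.spec, so the 1.2.x package still carries the libpng10 name after the bump to 1.2.35. The file's own header comment reads `spec file for package libpng12`, which suggests the Name line is a copy-paste leftover from libpng10.spec. If so, change it to `Name: libpng12` in this same change.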
@@ -85,5 +85,7 @@
%{_mandir}/*
%changelog
+* Mon Apr 21 2009 - abhijit.nath at sun.com
+- bump to 1.2.35
* Thu May 17 2007 - laca at sun.com
- Create
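Review bot: The new changelog entry `- bump to 1.2.35` gives no reason for the bump, although the update exists to fix CR 6755267. Name the CR in the entry, for example `- bump to 1.2.35, fixes CR 6755267`, and do the same for the 1.0.43 entry in libpng10.spec, so the security fix can be traced from the package history.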
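The failure mode in the description above, as an added C example that is not part of the original message and is not libpng's code: an array of pointers is filled by a second series of allocations, one of them fails, and the cleanup walks the whole array. The names `row_alloc`, `free_rows`, `build_rows` and `ROWS`, and the 0xA5 fill that stands in for stale heap contents, are constructed for illustration; the cleanup counts the never-allocated values instead of passing them to free().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ROWS 8                 /* constructed array size */

static void *issued[ROWS];     /* pointers the allocator really handed out */
static int n_issued, fail_after;

/* Stand-in for malloc() that fails once fail_after blocks exist. */
static void *row_alloc(size_t n) {
    if (n_issued >= fail_after) return NULL;
    return issued[n_issued++] = malloc(n);
}

/* Cleanup that walks the entire array, as in the description above.
   Frees what is safe to free and returns the number of slots holding a
   value that was never allocated (real code would pass those to free()). */
static int free_rows(void **rows) {
    int bogus = 0;
    for (int i = 0; i < ROWS; i++) {
        int known = (rows[i] == NULL);          /* free(NULL) is harmless */
        for (int j = 0; j < n_issued && !known; j++)
            known = (rows[i] == issued[j]);
        if (known) free(rows[i]); else bogus++;
    }
    free(rows);
    return bogus;
}

/* zero_first = 0: pattern from the description; 1: hardened pattern. */
int build_rows(int zero_first, int allowed) {
    void **rows = malloc(ROWS * sizeof *rows);
    if (!rows) return -1;
    memset(rows, 0xA5, ROWS * sizeof *rows);    /* simulate stale heap bytes */
    if (zero_first)
        for (int i = 0; i < ROWS; i++) rows[i] = NULL;
    n_issued = 0;
    fail_after = allowed;
    for (int i = 0; i < ROWS; i++)
        if ((rows[i] = row_alloc(64)) == NULL) break;   /* error path */
    return free_rows(rows);
}

int main(void) {
    printf("unzeroed, failure at row 3: %d bogus frees\n", build_rows(0, 3));
    printf("zeroed,   failure at row 3: %d bogus frees\n", build_rows(1, 3));
    return 0;
}
```

Setting every slot to NULL before the second round of allocations is what makes the whole-array cleanup safe, because free(NULL) does nothing.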