Slackware Advisory SSA:2004-222-01 Libpng Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-222-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-222-01

Insight

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. These issues could cause program crashes, or possibly allow arbitrary code embedded in a malicious PNG image to execute. The PNG library is widely used within the system, so all sites should upgrade to the new libpng package. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

Severity

Classification

CVE CVE-2004-0597, CVE-2004-0598, CVE-2004-0599

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2006-155-01 mysql
Slackware Advisory SSA:2004-238-01 kdelibs
Slackware Advisory SSA:2004-006-01 Kernel security update
Slackware Advisory SSA:2004-239-01 gaim
Slackware Advisory SSA:2004-140-01 cvs

Slackware Advisory SSA:2004-222-01 libpng

Take action and discover your vulnerabilities