SuSE Update For Libpng16 OpenSUSE-SU-2015:0161-1 (libpng16) Network Vulnerability

Summary

Check the version of libpng16

Solution

Please Install the Updated Packages.

Insight

libpng was updated to fix some security issues: * CVE-2014-9495 [bnc#912076]: Heap-buffer overflow png_combine_row() with very wide interlaced images * CVE-2015-0973 [bnc#912929]: overflow in png_read_IDAT_data libpng is now also build with -DPNG_SAFE_LIMITS_SUPPORTED.

Affected

libpng16 on openSUSE 13.1

Detection

Get the installed version with the help of detect NVT and check if the version is vulnerable or not.

References

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00029.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-9495, CVE-2015-0973

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for Cyrus IMAPD
SLES10: Security update for Linux kernel
SLES10: Security update for IBM Java 1.5.0
SLES10: Security update for ipsec-tools
SLES10: Security update for MozillaFirefox

SuSE Update for libpng16 openSUSE-SU-2015:0161-1 (libpng16)

Take action and discover your vulnerabilities