Security update for libpng16 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1530-1 Final 1 1 2019-06-07T15:14:56Z current 2019-06-07T15:14:56Z 2019-06-07T15:14:56Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libpng16 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free() was called under png_safe_execute (bsc#1124211). - CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in pngrutil.c, which could haved triggered and integer overflow and result in an divide-by-zero while processing a crafted PNG file, leading to a denial of service (bsc#1100687) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1530 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00021.html E-Mail link for openSUSE-SU-2019:1530-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1100687 SUSE Bug 1100687 https://bugzilla.suse.com/1121624 SUSE Bug 1121624 https://bugzilla.suse.com/1124211 SUSE Bug 1124211 https://www.suse.com/security/cve/CVE-2018-13785/ SUSE CVE CVE-2018-13785 page https://www.suse.com/security/cve/CVE-2019-7317/ SUSE CVE CVE-2019-7317 page openSUSE Leap 15.0 openSUSE Leap 15.1 libpng16-16-1.6.34-lp151.3.3.1 libpng16-16-32bit-1.6.34-lp151.3.3.1 libpng16-compat-devel-1.6.34-lp151.3.3.1 libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 libpng16-devel-1.6.34-lp151.3.3.1 libpng16-devel-32bit-1.6.34-lp151.3.3.1 libpng16-tools-1.6.34-lp151.3.3.1 libpng16-16-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-16-32bit-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-compat-devel-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-devel-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-devel-32bit-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-tools-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.0 libpng16-16-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 libpng16-16-32bit-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 libpng16-compat-devel-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 libpng16-devel-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 libpng16-devel-32bit-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 libpng16-tools-1.6.34-lp151.3.3.1 as a component of openSUSE Leap 15.1 In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. CVE-2018-13785 openSUSE Leap 15.0:libpng16-16-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-16-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-compat-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-tools-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-16-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-16-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-compat-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-tools-1.6.34-lp151.3.3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00021.html https://www.suse.com/security/cve/CVE-2018-13785.html CVE-2018-13785 https://bugzilla.suse.com/1100687 SUSE Bug 1100687 https://bugzilla.suse.com/1112153 SUSE Bug 1112153 https://bugzilla.suse.com/1116574 SUSE Bug 1116574 png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. CVE-2019-7317 openSUSE Leap 15.0:libpng16-16-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-16-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-compat-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.0:libpng16-tools-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-16-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-16-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-compat-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-compat-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-devel-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-devel-32bit-1.6.34-lp151.3.3.1 openSUSE Leap 15.1:libpng16-tools-1.6.34-lp151.3.3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00021.html https://www.suse.com/security/cve/CVE-2019-7317.html CVE-2019-7317 https://bugzilla.suse.com/1124211 SUSE Bug 1124211 https://bugzilla.suse.com/1135824 SUSE Bug 1135824 https://bugzilla.suse.com/1141780 SUSE Bug 1141780 https://bugzilla.suse.com/1147021 SUSE Bug 1147021 https://bugzilla.suse.com/1165297 SUSE Bug 1165297