libpng-1.2.10-7.1.3.0.1.AXS3
Errata ID: AXSA:2010-387:01
Release date:
2010/07/20 Tuesday - 14:05
Title:
libpng-1.2.10-7.1.3.0.1.AXS3
Affected channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
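The following issues have been addressed.
[Security Fix]
- libpng does not properly parse 1-bit interlaced images whose width values are not divisible by 8, which allows portions of uninitialized memory to be read. (CVE-2009-2042)
- The png_decompress_chunk function in libpng does not properly handle compressed ancillary-chunk data, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file. (CVE-2010-0205)
- pngpread.c in libpng contains a buffer overflow that might allow remote attackers to execute arbitrary code. (CVE-2010-1205)
- pngrutil.c in libpng contains a memory leak that allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (sCAL) chunks. (CVE-2010-2249)
Some of the CVE translations are quoted from JVN.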
http://jvndb.jvn.jp/
Solution:
Update the packages.
CVE:
CVE-2009-2042
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
CVE-2010-0205
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.
CVE-2010-1205
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2010-2249
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
Additional information:
N/A
Downloads:
SRPMS
- libpng-1.2.10-7.1.3.0.1.AXS3.src.rpm
MD5: b5ee5a0818b08706724c4afdb4b452b3
SHA-256: 9c8af00b1f0b9537a8d058b0a306c2d91e76357d579b0f04f7cdb039102363a7
Size: 634.84 kB
Asianux Server 3 for x86
- libpng-1.2.10-7.1.3.0.1.AXS3.i386.rpm
MD5: 3eb37c8965ee348e9c6a12d7ad6b902c
SHA-256: 6ff079c20369c44951ddd0c998bee2b05803b6299a901b3d13dcdece88fdbd65
Size: 241.34 kB
- libpng-devel-1.2.10-7.1.3.0.1.AXS3.i386.rpm
MD5: b4d33cce2fd2da3108fa1b97d7858ea5
SHA-256: 803e5edf840b006a6fbfc42d0402e0dc3f4ec6f91ab27e1b608f75750b031cfa
Size: 181.80 kB
Asianux Server 3 for x86_64
- libpng-1.2.10-7.1.3.0.1.AXS3.x86_64.rpm
MD5: 0ad760c194ffacf96e8d8fea8cb3e607
SHA-256: 2bb7a1b013834a763f7ce21d4414022f1e7834a7c298a0576e9beb2fb8265486
Size: 234.59 kB
- libpng-devel-1.2.10-7.1.3.0.1.AXS3.x86_64.rpm
MD5: 96c4263bbf2f84b9db5acfe635cd6454
SHA-256: df66f035e6fa4b1d8933c1013a3a0bbaf27cf708da10657a41e5b139099bc753
Size: 184.89 kB