[SECURITY] libpng vulnerabilities
Yaakov (Cygwin/X)
yselkowitz@users.sourceforge.net
Tue Jul 26 19:43:00 GMT 2011
Chuck,
All versions of libpng have recently announced security vulnerabilities:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2692
Remedy:
Update libpng10 to 1.0.55 (or just remove it, as nothing in the distro
depends on it any more), libpng12 to 1.2.45, and libpng14 to 1.4.8.
Thanks,
Yaakov
More information about the Cygwin-apps
mailing list