libpng: User-assisted execution of arbitrary code

libpng: User-assisted execution of arbitrary code Two vulnerabilities have been found in libpng, possibly resulting in execution of arbitrary code. libpng 2015-02-15 2017-01-03 531264 533358 local, remote 1.6.16 1.5.21 1.2.52 1.6.16

libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes.

Two vulnerabilities have been discovered in libpng:

The png_user_version_check function contains an out-of-bounds memory access error (libpng 1.6.15 Release Notes)
The png_combine_row function contains an integer overflow error, which could result in a heap-based buffer overflow (CVE-2014-9495)

A context-dependent attacker could entice a user to open a specially crafted PNG file using an application linked against libpng, possibly resulting in execution of arbitrary code.

There is no known workaround at this time.

All libpng 1.6 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.6.16"

All libpng 1.5 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.5.21"

CVE-2014-9495 libpng 1.6.15 Release Notes BlueKnight ackle