----- Forwarded message from bugzilla(a)redhat.com -----
Subject: [Bug 504782] New: libpng: Interlaced Images Information Disclosure
Date: Tue, 9 Jun 2009 08:37:47 -0400
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: libpng: Interlaced Images Information Disclosure Vulnerability
Summary: libpng: Interlaced Images Information Disclosure
Product: Security Response
Status Whiteboard: source=gentoo,reported=20090606,public=20090604,impact
CC: paul(a)city-fan.org, lfarkas(a)lfarkas.org,
Estimated Hours: 0.0
Target Release: ---
Quoting Secunia advisory SA35346:
A vulnerability has been reported in libpng, which can be exploited
by malicious people to disclose potentially sensitive information.
The vulnerability is caused due to an error when processing 1-bit
interlaced images. This can be exploited to disclose uninitialised
memory via specially crafted images having widths that are not
divisible by 8.
The vulnerability is reported in versions prior to 1.2.37.
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
----- End forwarded message -----
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.