[ITT] wml://security/2011/dsa-2287.wml
Bonsoir,
Je me charge de cette traduction.
<define-tag description>several vulnerabilities</define-tag>
<define-tag moreinfo>
<p>The PNG library libpng has been affected by several vulnerabilities. The most
critical one is the identified as
<a href="http://security-tracker.debian.org/tracker/CVE-2011-2690";>\
CVE-2011-2690</a>. Using this vulnerability, an attacker is able to overwrite
memory with an arbitrary amount of data controlled by her via a crafted PNG
image.</p>
<p>The other vulnerabilities are less critical and allow an attacker to
cause a crash in the program (denial of service) via a crafted PNG
image.</p>
<p>For the oldstable distribution (lenny), this problem has been fixed in
version 1.2.27-2+lenny5. Due to a technical limitation in the Debian
archive processing scripts, the updated packages cannot be released
in paralell with the packages for Squeeze. They will appear shortly.</p>
<p>For the stable distribution (squeeze), this problem has been fixed in
version 1.2.44-1+squeeze1.</p>
<p>For the unstable distribution (sid), this problem has been fixed in
version 1.2.46-1.</p>
<p>We recommend that you upgrade your libpng packages.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2011/dsa-2287.data"
# $Id: dsa-2287.wml,v 1.1 2011/07/28 21:48:23 kaare Exp $
Reply to: