[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 536-1] New libpng, libpng3 packages fix multiple vulnerabilities

On jeu, 2004-08-05 at 15:00 +0200, Norbert Tretkowski wrote:
> * Josselin Mouette wrote:
> > On mer, 2004-08-04 at 19:10 -0700, Matt Zimmerman wrote:
> > > For the unstable distribution (sid), these problems will be fixed
> > > soon.
> > 
> > I've just uploaded fixed packages for unstable; however I've noticed
> > mozilla still crashes on the crafted PNG provided by Chris Evans. It
> > seems that /usr/lib/mozilla/components/libimglib2.so is not
> > dynamically linked with libpng, but still includes code from it.
> 
> Maybe that's the reason why mozilla.org released new versions of
> mozilla, mozilla-thunderbird and mozilla-firefox.

Indeed, it seems mozilla 1.7.2 fixed that.
-- 
Josselin Mouette                  /\./\
                                                 pouet
                                                     pouet
« Sans puissance, la maîtrise n'est rien. »
Reply to: