Re: [SECURITY] [DSA 536-1] New libpng, libpng3 packages fix multiple vulnerabilities
On Thu, Aug 05, 2004 at 15:00:57 +0200, Norbert Tretkowski wrote:
> > I've just uploaded fixed packages for unstable; however I've noticed
> > mozilla still crashes on the crafted PNG provided by Chris Evans. It
> > seems that /usr/lib/mozilla/components/libimglib2.so is not dynamically
> > linked with libpng, but still includes code from it.
That's upstream's http://bugzilla.mozilla.org/show_bug.cgi?id=251381 .
> Maybe that's the reason why mozilla.org released new versions of mozilla,
> mozilla-thunderbird and mozilla-firefox.
It is one of the reasons. The new versions fix other security issues as
For those Unix & Linux fanatics who're feeling left out, please forward this
message to everyone you know and delete a bunch of your files at random.
Julian Richardson's response to ILOVEYOU