Closed Bug 564792 Opened 12 years ago Closed 11 years ago
Update libpng to version 1
Libpng-1.4.2 has been released. There are no changes of importance to mozilla, so this is a very low priority; we probably want to skip this release.
Libpng-1.4.3 has been released. It fixes a vulnerability with reading PNG files that have extra data in the IDAT chunk (CVE 2010-1205) and a memory leak while reading a malformed sCAL chunk. The PNG decoder in libpr0n already has a recently checked-in workaround for the extra-data vulnerability. Both vulnerabilities have been publicly disclosed via the libpr0n check-ins and the libpng release.
Severity: minor → normal
Summary: Update libpng to version 1.4.2 → Update libpng to version 1.4.3
Glenn, can you get us a patch for this?
I'll try to get to it tonight. Note that we aren't vulnerable to the sCAL bug because we treat it as an unknown chunk and don't decode it, even when we use the system library.
Is there a similar bug for libpng 1.2.x on the branches that still use it?
The patch looks bigger than it actually is, as you seem to have accidentally included the .diff as part of the diff.
Removes unwanted libpng diff file created by the v00 patch
Attachment #455360 - Attachment is obsolete: true
(In reply to comment #5) > Is there a similar bug for libpng 1.2.x on the branches that still use it? Yes. The approach there will be to simply replace the IDAT-processing function in pngpread.c.
Attachment #455363 - Flags: review?(joe) → review+
Comment on attachment 455363 [details] [diff] [review] v01: update libpng to version 1.4.3 Keeps us up-to-date with libpng, including a security fix (though, we've worked around it already). Makes future security upgrades easier.
Attachment #455363 - Flags: approval2.0?
Comment on attachment 455363 [details] [diff] [review] v01: update libpng to version 1.4.3 17:17 < joe> we should probably take it, with a quick hook on backing it out So like the man says, if this bounces, we yank it.
Attachment #455363 - Flags: approval2.0? → approval2.0+
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b3
You need to log in before you can comment on or make changes to this bug.