Closed Bug 564792 Opened 14 years ago Closed 14 years ago

Update libpng to version 1.4.3

Categories

(Core :: Graphics: ImageLib, defect)

Product:
Core
Component:
Graphics: ImageLib
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla2.0b3
Tracking Flags:
Tracking Status
blocking2.0 --- -
status1.9.2 --- ?

People

(Reporter: glennrp+bmo, Assigned: glennrp+bmo)

References

(
URL
)

Details

Attachments

(1 file, 1 obsolete file)

v01: update libpng to version 1.4.3
99.56 KB, patch
joe
: review+
beltzner
: approval2.0+
Details | Diff | Splinter Review 
Libpng-1.4.2 has been released.  There are no changes of importance to mozilla, so this is a very low priority; we probably want to skip this release.
Libpng-1.4.3 has been released.  It fixes a vulnerability with reading PNG files that have extra data in the IDAT chunk (CVE 2010-1205) and a memory leak while reading a malformed sCAL chunk.  The PNG decoder in libpr0n already has a recently checked-in workaround for the extra-data vulnerability.  Both vulnerabilities have been publicly disclosed via the libpr0n check-ins and the libpng release.
Severity: minor → normal
Summary: Update libpng to version 1.4.2 → Update libpng to version 1.4.3
Glenn, can you get us a patch for this?
blocking2.0: --- → ?
status1.9.2: --- → ?
I'll try to get to it tonight.  Note that we aren't vulnerable to the sCAL bug
because we treat it as an unknown chunk and don't decode it, even when we use the system library.

    
    

    
  
Is there a similar bug for libpng 1.2.x on the branches that still use it?

    
    

    
  
The patch looks bigger than it actually is, as you seem to have accidentally included the .diff as part of the diff.

    
    

    
  
(yo dawg!)

    
    

    
  


  
Removes unwanted libpng diff file created by the v00 patch

    
  

        Attachment #455360 -
        Attachment is obsolete: true

    
    

    
  
(In reply to comment #5)
> Is there a similar bug for libpng 1.2.x on the branches that still use it?

Yes.  The approach there will be to simply replace the IDAT-processing
function in pngpread.c.

    
  

        Attachment #455363 -
        Flags: review?(joe)
blocking2.0: ? → -

        Attachment #455363 -
        Flags: review?(joe) → review+

    
    

    
  
Comment on attachment 455363 [details] [diff] [review]
v01: update libpng to version 1.4.3

Keeps us up-to-date with libpng, including a security fix (though, we've worked around it already). Makes future security upgrades easier.

        Attachment #455363 -
        Flags: approval2.0?

    
    

    
  
Comment on attachment 455363 [details] [diff] [review]
v01: update libpng to version 1.4.3

17:17 < joe> we should probably take it, with a quick hook on backing it out

So like the man says, if this bounces, we yank it.

        Attachment #455363 -
        Flags: approval2.0? → approval2.0+

    
  
Keywords: checkin-needed

    
    

    
  
http://hg.mozilla.org/mozilla-central/rev/c338f8b7371e
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b3
Depends on: 581192

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: