Closed
Bug 737502
Opened 12 years ago
Closed 12 years ago
libpng-1.5.10 will fix CVE-2011-3048
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: glennrp+bmo, Assigned: glennrp+bmo)
Details
(Whiteboard: [sg:nse])
Heads up: Libpng-1.5.10 will be released on March 29th to fix CVE-2011-3048. Do not be concerned; it does not affect mozilla, no matter if it uses the embedded libpng or the system libpng, because the bug is in tEXt/zTXt/iTXt chunk processing. These chunks are ignored by mozilla.
Assignee | ||
Updated•12 years ago
|
Assignee: nobody → glennrp+bmo
Status: NEW → ASSIGNED
Assignee | ||
Updated•12 years ago
|
Whiteboard: Clear security bug and I will mark this WFM when libpng-1.5.10 is released
Assignee | ||
Updated•12 years ago
|
Whiteboard: Clear security bug and I will mark this WFM when libpng-1.5.10 is released → Clear security flag when libpng-1.5.10 is released and I will mark this bug WFM.
Updated•12 years ago
|
Whiteboard: Clear security flag when libpng-1.5.10 is released and I will mark this bug WFM. → [sg:nse] Clear security flag when libpng-1.5.10 is released and I will mark this bug WFM.
Assignee | ||
Comment 1•12 years ago
|
||
It's OK to clear the security flag now. Libpng-1.5.10, which fixes the vulnerability, has been released.
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → WORKSFORME
Assignee | ||
Updated•12 years ago
|
Whiteboard: [sg:nse] Clear security flag when libpng-1.5.10 is released and I will mark this bug WFM.
Whiteboard: [sg:nse]
Assignee | ||
Updated•12 years ago
|
Whiteboard: [sg:nse] → [sg:nse] Please clear the security flag. libpng-1.5.10 has been out for a couple of weeks now.
Comment 2•12 years ago
|
||
We updated our libpng to 1.5.10 in bug 745178
Group: core-security
Whiteboard: [sg:nse] Please clear the security flag. libpng-1.5.10 has been out for a couple of weeks now. → [sg:nse]
You need to log in
before you can comment on or make changes to this bug.
Description
•