Bug#595171: CVE-2010-1519

Christoph Egger christoph at debian.org
Thu Sep 2 13:08:22 UTC 2010


Hi all!

Moritz Muehlenhoff <jmm at debian.org> writes:
> Package: libglpng
> Severity: grave
> Tags: security
>
> Hi,
> the following vulnerability has been reported in libglpng:
>
> http://secunia.com/secunia_research/2010-87/
>
> This is CVE-2010-1519
>
> Cheers,
>         Moritz

    I had a quick search about this problem. Seems the fedora side [0]
has a bit more detail but not much. Probably we can share patch with
Hans who is working on a Fedora solution.

    Would be probably best to get rid of glpng soon then (pabs: how's
the status on cromium-bsu there?). Unfortunately I'm VAC for another
week and probably offline most of the time (as well as keyless).

Regards

    Christoph

[0] https://bugzilla.redhat.com/show_bug.cgi?id=623831
-- 
9FED 5C6C E206 B70A 5857  70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer

A. Because it breaks the logical sequence of discussion
Q. Why is top posting bad?





More information about the Pkg-games-devel mailing list