FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
13ca36b8-6141-11eb-8a36-7085c2fb2c14	pngcheck -- Buffer-overrun vulnerability The libpng project reports: pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks (the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used). Both bugs are fixed in version 3.0.1, released on 24 January 2021. Again, while all known vulnerabilities are fixed in this version, the code is quite crufty, so it would be safest to assume there are still some problems hidden in there. As always, use at your own risk. Discovery 2021-01-24 Entry 2021-01-28 pngcheck < 3.0.1 http://www.libpng.org/pub/png/apps/pngcheck.html

VuXML ID

Description

13ca36b8-6141-11eb-8a36-7085c2fb2c14

pngcheck -- Buffer-overrun vulnerability

The libpng project reports:

pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks (the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used). Both bugs are fixed in version 3.0.1, released on 24 January 2021. Again, while all known vulnerabilities are fixed in this version, the code is quite crufty, so it would be safest to assume there are still some problems hidden in there. As always, use at your own risk.

Discovery 2021-01-24
Entry 2021-01-28
pngcheck

< 3.0.1

http://www.libpng.org/pub/png/apps/pngcheck.html