Fedora Linux 8778 Published by

A pngcheck security update has been released for Fedora 33.



SECURITY: Fedora 33 Update: pngcheck-2.4.0-5.fc33


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-f3a397cbf8
2020-12-23 01:18:30.481735
--------------------------------------------------------------------------------

Name : pngcheck
Product : Fedora 33
Version : 2.4.0
Release : 5.fc33
URL :   http://www.libpng.org/pub/png/apps/pngcheck.html
Summary : Verifies the integrity of PNG, JNG and MNG files
Description :
pngcheck verifies the integrity of PNG, JNG and MNG files (by checking the
internal 32-bit CRCs [checksums] and decompressing the image data); it can
optionally dump almost all of the chunk-level information in the image in
human-readable form. For example, it can be used to print the basic statistics
about an image (dimensions, bit depth, etc.); to list the color and
transparency info in its palette (assuming it has one); or to extract the
embedded text annotations. This is a command-line program with batch
capabilities.

The current release supports all PNG, MNG and JNG chunks, including the newly
approved sTER stereo-layout chunk. It correctly reports errors in all but two
of the images in Chris Nokleberg's brokensuite-20061204.

--------------------------------------------------------------------------------
Update Information:

Previous fix for buffer overrun printing the contents of the sPLT chunk in
certain malformed inputs (RHBZ#1905775) was incomplete; it should be properly
fixed now. ---- Security fix for multiple buffer overflows from crafted file
input (RHBZ#1902786,1902806,1902810: no CVE yet assigned), and for buffer
overrun printing the contents of the sPLT chunk in certain malformed inputs
(RHBZ#1905775: no tracking bug or CVE yet assigned); also, new eXIf support and
assorted small bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 14 2020 Benjamin A. Beasley - 2.4.0-5
- Previous fix for buffer overrun printing the contents of the sPLT chunk in
certain malformed inputs (RHBZ#1905775) was incomplete; it should be properly
fixed now.
* Sun Dec 13 2020 Benjamin A. Beasley - 2.4.0-4
- Bounds-check all accesses into enumerated-value name arrays; a malformed file
could have caused a buffer overrun in several of these cases. (RHBZ#1902810)
- Fix buffer overrun when print_buffer() is passed a nonpositive size, which
can occur in practice for certain malformed inputs. (RHBZ#1902810)
- In some cases, the chunk length from the file data (sz) is used to index into
the read buffer without sufficient bounds-checking, leading to a buffer
overrun. Fix this for PPLT, hIST, sCAL, FRAM, SAVE, nEED, PAST, DISC, DROP,
DBYK, ORDR, and SEEK chunks. (RHBZ#1902810)
- Fix buffer overrun printing the contents of the sPLT chunk in certain
malformed inputs. (RHBZ#1905775)
- Backport fix for off-by-one bug in check_magic() from 3.0.0
- Backport fix for zlib version warnings going to stdout from 3.0.0
- Use name macro when referencing patches.
- Add BR on make in anticipation of
  https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot.
- New upstream version 2.4.0
- Added new license file for main package (same MIT-style license)
- Drop format-security patch, now upstreamed
- Use upstreamed man pages; no need to generate with help2man anymore
- Add rpmlintrc rules for -extras subpackage
- Add rpmlintrc file to suppress spurious rpmlint warnings
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1902806 - pngcheck: Multiple buffer overflows from crafted file input
  https://bugzilla.redhat.com/show_bug.cgi?id=1902806
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-f3a397cbf8' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys