Package: libpng
Vulnerabilities: Several
Vulnerability Type: Remote
Debian-specific: No
CVE IDs: CVE-2010-1205, CVE-2010-2249
Debian Bugs: 533676, 572308

CVE-2010-1205
Description: Buffer overflow in libpng allowing remote attackers to execute arbitrary code via a PNG image with an additional data row.

CVE-2010-2249
Description: Memory leak in libpng causing denial of service via a PNG image containing malformed Physical Scale (sCAL) chunks.

Affected Distributions
Stable (lenny): Fixed in version 1.2.27-2+lenny4
Testing (squeeze) and Unstable (sid): Fixed in version 1.2.44-1

Upgrade Instructions
Use and to install corrected packages.
Automated update by adding the resources from the footer to the proper configuration.