SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for libpng16 fixes the following issues :
Security issues fixed :
- CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free() was called under png_safe_execute (bsc#1124211).
- CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in pngrutil.c, which could haved triggered and integer overflow and result in an divide-by-zero while processing a crafted PNG file, leading to a denial of service (bsc#1100687)
This update was imported from the SUSE:SLE-15:Update update project.
SolutionUpdate the affected libpng16 packages.