Release date:
2026-05-18 18:38:24 UTC
Description:
- CVE-2026-34757: Use snapshot-before-free and defer-free patterns to prevent use-after-free when a caller passes a pointer obtained from png_get_PLTE, png_get_tRNS, png_get_hIST, png_get_text, png_get_sPLT, or png_get_unknown_chunks back into the corresponding setter (issues 836 and 837)
Updated packages:
-
libpng15-1.5.30-14.el9.tuxcare.els3.i686.rpm
sha:c803941e8067485ef9c5e713fa3212732d2f8d47a8af83b27cf33f989a8d7a9d
-
libpng15-1.5.30-14.el9.tuxcare.els3.x86_64.rpm
sha:94829ee06c172965f4ced5cf92b677df4b3483b7e109fe22d62cc8f922d34fe6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
