[CLSA-2026:1783520301] libpng: Fix of CVE-2026-33416
Type:
security
Severity:
Important
Release date:
2026-07-08 14:18:37 UTC
Description:
- CVE-2026-33416: fix use-after-free from aliased palette/trans_alpha buffers between png_struct and png_info
CVEs fixed:
Updated packages:
  • libpng-1.5.13-8.el7.tuxcare.els4.i686.rpm
    sha:9608ec62d4aaa1f64c00315e1903557d2675a021402e38c368fec3b7e3e92ab5
  • libpng-1.5.13-8.el7.tuxcare.els4.x86_64.rpm
    sha:73d63e250ee93d8d2eb758b068dd3cdeb3c2d5d0bcb50d4ec3b7b436cd7bc2f8
  • libpng-devel-1.5.13-8.el7.tuxcare.els4.i686.rpm
    sha:2954643a7da1f8155a35b27074a92b7f9913836e5895ad65ada3a43e7dbde1c6
  • libpng-devel-1.5.13-8.el7.tuxcare.els4.x86_64.rpm
    sha:9fc1100a9a9259725a4d39b3d997c9818c0231f5c2880c9fbdc9e97b6b1d4804
  • libpng-static-1.5.13-8.el7.tuxcare.els4.i686.rpm
    sha:b5a7624227cb84d53ca61db7435cb12f6721304cf46ff30570fb2914064e877b
  • libpng-static-1.5.13-8.el7.tuxcare.els4.x86_64.rpm
    sha:9d9ac0b90483c9e9ea768919330433f7e35372a68adfe4600106145fc5b0177f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.