Release date:
2026-05-05 12:34:00 UTC
Description:
- CVE-2026-33416: fix use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE
- CVE-2026-33636: fix out-of-bounds read/write in ARM NEON palette expansion
Updated packages:
-
libpng-1.6.37-12.el9_2.tuxcare.els7.i686.rpm
sha:091ccf9896d10fcc63a70431d52ed6cdb33895950a8387165906c8ea7e5638e1
-
libpng-1.6.37-12.el9_2.tuxcare.els7.x86_64.rpm
sha:64c99d697233e2d497a4b10c6f146b8eeeec3dc0e596de6e3e26c9f93829e43d
-
libpng-devel-1.6.37-12.el9_2.tuxcare.els7.i686.rpm
sha:d4648f008f8daf4169978e3ba1d1af3184b313b0e1a34368506817077b26f92b
-
libpng-devel-1.6.37-12.el9_2.tuxcare.els7.x86_64.rpm
sha:1f4f09c0a9a8651b545283ab6fa1c23eb1e7fef70d1ea61f51ecc018c42af73d
-
libpng-static-1.6.37-12.el9_2.tuxcare.els7.x86_64.rpm
sha:0faf2b6980e634145f5a3629f274ce72bf02629019ef233b50c552eed7dbef65
-
libpng-tools-1.6.37-12.el9_2.tuxcare.els7.x86_64.rpm
sha:13582d27efa682523dd8b33fd5386f059918b92191cc717a1603f44da1af2e2b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
