ID

VAR-201902-0855

CVE

CVE-2019-7317

TITLE

libpng  Vulnerability in using free memory in

DESCRIPTION

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. libpng Exists in a vulnerability related to the use of freed memory.Service operation interruption (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.8.0-ibm security update Advisory ID: RHSA-2019:2590-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2590 Issue date: 2019-09-02 CVE Names: CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-7317 CVE-2019-11772 CVE-2019-11775 ===================================================================== 1. Summary: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux 8 Supplementary - ppc64le, s390x, x86_64 3. Description: IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix(es): * IBM JDK: Out-of-bounds access in the String.getBytes method (CVE-2019-11772) * IBM JDK: Failure to privatize a value pulled out of the loop by versioning (CVE-2019-11775) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c 1730056 - CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) 1730099 - CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518) 1730255 - CVE-2019-2786 OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) 1730415 - CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) 1738547 - CVE-2019-11772 IBM JDK: Out-of-bounds access in the String.getBytes method 1738549 - CVE-2019-11775 IBM JDK: Failure to privatize a value pulled out of the loop by versioning 6. Package List: Red Hat Enterprise Linux 8 Supplementary: ppc64le: java-1.8.0-ibm-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-demo-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-devel-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-headless-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-jdbc-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-plugin-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-src-1.8.0.5.40-3.el8_0.ppc64le.rpm java-1.8.0-ibm-webstart-1.8.0.5.40-3.el8_0.ppc64le.rpm s390x: java-1.8.0-ibm-1.8.0.5.40-3.el8_0.s390x.rpm java-1.8.0-ibm-demo-1.8.0.5.40-3.el8_0.s390x.rpm java-1.8.0-ibm-devel-1.8.0.5.40-3.el8_0.s390x.rpm java-1.8.0-ibm-headless-1.8.0.5.40-3.el8_0.s390x.rpm java-1.8.0-ibm-jdbc-1.8.0.5.40-3.el8_0.s390x.rpm java-1.8.0-ibm-src-1.8.0.5.40-3.el8_0.s390x.rpm x86_64: java-1.8.0-ibm-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-headless-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-src-1.8.0.5.40-3.el8_0.x86_64.rpm java-1.8.0-ibm-webstart-1.8.0.5.40-3.el8_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-2762 https://access.redhat.com/security/cve/CVE-2019-2769 https://access.redhat.com/security/cve/CVE-2019-2786 https://access.redhat.com/security/cve/CVE-2019-2816 https://access.redhat.com/security/cve/CVE-2019-7317 https://access.redhat.com/security/cve/CVE-2019-11772 https://access.redhat.com/security/cve/CVE-2019-11775 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXWzIwNzjgjWX9erEAQjc0g/9HWqP2sFQRp/rA/7u8kQUu9Oge+4kwGcl h+Cd2DDNXplL3qnaZFZFuyaxMkLXqMrxd0+0tRZUN4Zs2vuxHe6x2xo89bolFuyQ slu/ZvfaQe88oXYYSbWoBPkXujq4v9UshgH9gNXxtnCO8Nfr3hN279lIFpMTh4Ar yYQMcZJ9AA1DqvG8Wcc2OxqUSaSjQxr2NGZSQIrhayj8BqMsLiu4Ldm1W39R/rul rTL8UFgw4USYC+3reb790iAdqC5KTaN7IZEdatQ8CFuNkkUCA0auua5qYIGEzOgC tC+mUZn+snprIMyr7wSjWKJr8xVdwn7ulTtBHtO2651nuD09MFxAwcMGzRwjmRpk 8CDBssqSia4+40EmgTgL2vZ5+SL6NS0DioIAGhf9ttDmbFVXIC9nMeNKX7NhRPkK 72ysgk8ZrPwLLWCy6uzI8cEI6Bmng5OpePzo5jegGSanVU13L2c3O7gQDCwqH/80 3cDxo7iJ+gqHTX06bgqqTpqGysjjotyw3JpToU8k2rOddeAEZ19cq2syLQqSMbBb XREQzjrY+lgIu479iKD4zXFEGH6W/0pG2O7rX02dHT0Bczo2UEu3FKvA94JoE4Cv BaZA2Ll93tLETGUcQllLF7OnYPmfu0ZuovQ/EoYbh9nr+NZqOBlLxV8YNziWUOR3 bPUJa5S1F5c= =TdDS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11695, CVE-2019-11696, CVE-2019-11699, CVE-2019-11701, CVE-2019-7317, CVE-2019-9800, CVE-2019-9814, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820, CVE-2019-9821) It was discovered that pressing certain key combinations could bypass addon installation prompt delays. If a user opened a specially crafted website, an attacker could potentially exploit this to trick them in to installing a malicious extension. (CVE-2019-11697) It was discovered that history data could be exposed via drag and drop of hyperlinks to and from bookmarks. If a user were tricked in to dragging a specially crafted hyperlink to the bookmark toolbar or sidebar, and subsequently back in to the web content area, an attacker could potentially exploit this to obtain sensitive information. (CVE-2019-11698) A type confusion bug was discovered with object groups and UnboxedObjects. For the stable distribution (stretch), these problems have been fixed in version 1:60.7.0-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlzoWm4ACgkQEMKTtsN8 TjbzCxAAkzMt+0SOM3NCOQ6tLLP1EWDUnRiBvTwq6JfJYRvngfSc2A2oHKLtDPF7 8NNdpvzNyXZUo1ARTMmoK/5slDalTvUF6+11mydrHw2oIasIOuiaxN1N9mRk2nIN 7LF/cZZyu/ghjuoCV10F5BRropCRxGcZUBM1fTmz9RO7YFOvHmn6s+PmJCag6XWy Iuq3JIP6hNYPTi+UBCU7oaMQD0P9Z1x3QCs/kraYps3dUxH7/o8Kw5Yqa91TsTn9 KiQPoeTTHfwk3n4NKCgczpPW2OZQZncowa9dg9LFd6N0uGOgoy3bCIjR/xYk7fan VaxbkNX613KHDjZauUCit0MrvlXBxOi4S0jAY5tU5uCvM7EtNat6IozZyxfVcW+/ gGt6a+IUXAGD9Y5IjIklsDMm2aM2Wxx8B+Es4TUw1ihddKrtiQx6e1cYOPUSlsYH 7wgKKrIjwnQJ0B41pTqTKngDaFR9WGnQ2+Mix8OIrDKx7rilNtLnuhRvQ52ZAIoV 5qtzrm4WfuG0OJi5Sql4O7euTbQgnuPWqp448WiRMYtR9mSVMDUOxpG79Fx0R/Hi TBmSmzMxMPKcFdc0nqELSCi3YArxtsUUjSOrilji60VSwiLItxNZsPPzs94zYirV +BXY7WOtP26CgkaGhBoUDfU1JL8mwP5+UkHpmgoJbtADT2lBH/o= =uTpA -----END PGP SIGNATURE----- . (CVE-2019-2816) It was discovered that the ChaCha20Cipher implementation in OpenJDK did not use constant time computations in some situations. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201908-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libpng: Multiple vulnerabilities Date: August 03, 2019 Bugs: #683366 ID: 201908-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. Background ========== libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libpng < 1.6.37:0 >= 1.6.37:0 Description =========== Multiple vulnerabilities have been discovered in libpng. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All libpng users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.6.37" References ========== [ 1 ] CVE-2018-14048 https://nvd.nist.gov/vuln/detail/CVE-2018-14048 [ 2 ] CVE-2018-14550 https://nvd.nist.gov/vuln/detail/CVE-2018-14550 [ 3 ] CVE-2019-7317 https://nvd.nist.gov/vuln/detail/CVE-2019-7317 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201908-02 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2019-141-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz: Upgraded. This release contains security fixes and improvements. Some of the patched flaws are considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/ https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9815 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9818 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-7317 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mozilla-firefox-60.7.0esr-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-60.7.0esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-60.7.0esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.2 package: 9bb86b28639fe241a285ae8868f6fd3c mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz Slackware x86_64 14.2 package: 71cfd983350a89459015e89af1f4cf46 mozilla-firefox-60.7.0esr-x86_64-1_slack14.2.txz Slackware -current package: 02f5b3d10ba9ef7a094f862b1a9b4120 xap/mozilla-firefox-60.7.0esr-i686-1.txz Slackware x86_64 -current package: b4ccd8857ce8355105c0595cf2d84154 xap/mozilla-firefox-60.7.0esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. ========================================================================= Ubuntu Security Notice USN-4080-1 July 31, 2019 openjdk-8 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in OpenJDK. Software Description: - openjdk-8: Open Source Java implementation Details: Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. (CVE-2019-2745) It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. (CVE-2019-2762) It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service (excessive memory consumption). (CVE-2019-2769) It was discovered that OpenJDK did not properly restrict privileges in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2019-2786) Jonathan Birch discovered that the Networking component of OpenJDK did not properly validate URLs in some situations. An attacker could use this to bypass restrictions on characters in URLs. (CVE-2019-2816) Nati Nimni discovered that the Java Cryptography Extension component in OpenJDK did not properly perform array bounds checking in some situations. An attacker could use this to cause a denial of service. (CVE-2019-2842) It was discovered that OpenJDK incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause OpenJDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-7317) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: openjdk-8-jdk 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jdk-headless 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre-headless 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre-jamvm 8u222-b10-1ubuntu1~16.04.1 openjdk-8-jre-zero 8u222-b10-1ubuntu1~16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

arbitrary

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Ubuntu

SOURCES

LAST UPDATE DATE

2025-11-23T23:02:32.891000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE