Uploaded image for project: 'ROOT'
  1. ROOT
  2. ROOT-5322

Shipped libpng is outdated, has multiple security issues

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: 5.34/00
    • Fix Version/s: None
    • Component/s: Graphics
    • Labels:
      None
    • Environment:

      For builds were no central libpng headers were found

      Description

      Shipped version in /graf2d/asimage/src/libAfterImage/libpng is:
      libpng version 1.2.23 - November 6, 2007

      This leaves root vulnerable to almost six years of security issues, see the bottom of http://www.libpng.org/pub/png/libpng.html for a list.

      Upgrading to 1.2.50 would fix this and retain the API.

        Attachments

          Activity

            People

            • Assignee:
              couet Olivier Couet
              Reporter:
              1a6d63d41e0230d528a8 Christian Pulvermacher
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: