harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Hindess" <mark.hind...@googlemail.com>
Subject [security] Vulnerabilities in libpng in milestone releases
Date Wed, 07 Jul 2010 19:57:58 GMT

I've updated the libpng dependency from version 1.4.1 to 1.4.3 in commit
r959412.  The 1.4.1 release contains some vulnerabilities described at:

  http://www.libpng.org/pub/png/libpng.html
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205

These problems will affect our windows milestone releases.  These are
development milestones but anyone using them in production should
consider updating the awt and imageio dlls.

Regards,
 Mark.



Mime
View raw message