SUSE-SU-2019:3060-2

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2017-12652 CVE-2019-7317

Published: 03 Mar 2020, 10:44

Last modified:04 Feb 2026, 04:10

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 Mar 2020, 10:44

Published

Vulnerability first disclosed

04 Feb 2026, 04:10

Last Modified

Vulnerability information updated

Description

Security update for libpng16 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free() was called under png_safe_execute (bsc#1124211). - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks (bsc#1141493).

Affected Systems

suse•libpng16&distro=SUSE Enterprise Storage 5
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server 12 SP1-LTSS
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server 12 SP2-BCL
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server 12 SP3-BCL
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server 12 SP3-LTSS
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE OpenStack Cloud 7
< 1.6.8-15.5.2
suse•libpng16&distro=SUSE OpenStack Cloud 8
< 1.6.8-15.5.2

SUSE-SU-2019:3060-2

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)