FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
13ca36b8-6141-11eb-8a36-7085c2fb2c14pngcheck -- Buffer-overrun vulnerability

The libpng project reports:

pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks (the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used). Both bugs are fixed in version 3.0.1, released on 24 January 2021. Again, while all known vulnerabilities are fixed in this version, the code is quite crufty, so it would be safest to assume there are still some problems hidden in there. As always, use at your own risk.


Discovery 2021-01-24
Entry 2021-01-28
pngcheck
lt 3.0.1

http://www.libpng.org/pub/png/apps/pngcheck.html