Candidate: CVE-2008-6218
PublicDate: 2009-02-20 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218
Description:
 Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before
 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a
 denial of service (memory exhaustion) via a crafted PNG file.
Ubuntu-Description:
Notes:
 jdstrand> Ubuntu versions should not be affected because they do not use
   png_ptr->chunkdata. This member wasn't introduced until 1.2.30.
Bugs:
Priority: low
Discovered-by:
Assigned-to: jdstrand
CVSS: 

Patches_libpng:
upstream_libpng: released (1.2.33)
dapper_libpng: not-affected (1.2.8rel-5ubuntu0.3)
gutsy_libpng: not-affected (1.2.15~beta5-2ubuntu0.1)
hardy_libpng: not-affected (1.2.15~beta5-3)
intrepid_libpng: not-affected (1.2.27-1)
devel_libpng: not-affected (1.2.27-2ubuntu1)