Candidate: CVE-2013-6954
PublicDate: 2014-01-12 18:34:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954
 http://sourceforge.net/mailarchive/message.php?msg_id=31751422
Description:
 The png_do_expand_palette function in libpng before 1.6.8 allows remote
 attackers to cause a denial of service (NULL pointer dereference and
 application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL
 palette, related to pngrtran.c and pngset.c.
Ubuntu-Description:
Notes:
 mdeslaur> vulnerable code introduced in 1.6.1. In 1.2.x, png_ptr->palette
 mdeslaur> is always set in png_set_PLTE() in pngset.c.
 jdstrand> openjdk uses system png
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=1045561
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libpng:
 upstream: http://sourceforge.net/p/libpng/code/ci/1faa6ff32c648acfe3cf30a58d31d7aebc24968c
upstream_libpng: released (1.6.8)
lucid_libpng: not-affected
precise_libpng: not-affected
quantal_libpng: not-affected
raring_libpng: not-affected
saucy_libpng: not-affected
devel_libpng: not-affected

Patches_openjdk-7:
upstream_openjdk-7: released (7u55-2.4.7-1)
lucid_openjdk-7: DNE
precise_openjdk-7: ignored (uses system libjpeg6b)
quantal_openjdk-7: ignored (uses system libjpeg6b)
saucy_openjdk-7: ignored (uses system libjpeg6b)
trusty_openjdk-7: ignored (uses system libjpeg6b)
trusty/esm_openjdk-7: DNE (trusty was ignored [uses system libjpeg6b])
devel_openjdk-7: ignored (uses system libjpeg6b)