CVE-2018-14550

Priority
Description
An issue has been found in third-party PNM decoding associated with libpng
1.6.35. It is a stack-based buffer overflow in the function get_token in
pnm2png.c in pnm2png.
Notes
mdeslaurthe pnm2png binary isn't shipped in Ubuntu
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (code not compiled)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not compiled)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not compiled)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not compiled)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not compiled)
More Information

Updated: 2020-01-29 20:02:09 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)