https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294397
Sergey A. Osokin <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #1 from Sergey A. Osokin <[email protected]> ---
Version 1.6.57 [April 8, 2026]

  Fixed CVE-2026-34757 (medium severity):
    Use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST`
    leading to corrupted chunk data and potential heap information disclosure.
    Also hardened the append-style setters (`png_set_text`, `png_set_sPLT`,
    `png_set_unknown_chunks`) against a theoretical variant of the same
    aliasing pattern.
    (Reported by Iv4n <[email protected]>.)
  Fixed integer overflow in rowbytes computation in read transforms.
    (Contributed by Mohammad Seet.)

-- 
You are receiving this mail because:
You are the assignee for the bug.
