===========
Multiple integer overflows were reported, one of which Peter Valchev
(Google Security) found to be leading to a heap-based buffer overflow
in the cairo_image_surface_create_from_png() function that processes
PNG images.
Impact
======
A remote attacker could entice a user to view or process a specially
We apologize for the inconvenience.
Original advisory details:
Peter Valchev discovered that Cairo did not correctly decode PNG image data.
By tricking a user or automated system into processing a specially crafted
PNG with Cairo, a remote attacker could execute arbitrary code with user
privileges.
Background
==========
libpng is a free ANSI C library used to process and manipulate PNG
images.
Affected packages
=================
-------------------------------------------------------------------
