Description:
The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files.
Security Fix(es):
* libpng: LIBPNG buffer overflow (CVE-2025-64720)
* libpng: LIBPNG heap buffer overflow (CVE-2025-65018)
* libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libpng-1.6.40-8.el10_1.1.aarch64.rpm |
c26b17bbb7f644d041a89e42b2bffa40d95b21275ec1a05b47d0f51e62acaea5 |
| aarch64 |
libpng-devel-1.6.40-8.el10_1.1.aarch64.rpm |
eb980d0311672ec9296453b22e702d1cc653bcec1be8ea6f4a9b5895f71d7253 |
| ppc64le |
libpng-devel-1.6.40-8.el10_1.1.ppc64le.rpm |
341f0654304e5f63cdf04756bf37966a0376b0757b777ce8b8dfa380039140ee |
| ppc64le |
libpng-1.6.40-8.el10_1.1.ppc64le.rpm |
9476566fdfdd5d09c1269694a3a7e63f8db68edf5a6335923aa2b503e8747b70 |
| s390x |
libpng-devel-1.6.40-8.el10_1.1.s390x.rpm |
7b96f3578b598b7c7c2a394326ec9684ef2e80e2fd1647539a07a7e662ae6633 |
| s390x |
libpng-1.6.40-8.el10_1.1.s390x.rpm |
f336f14a147a9de1cd7c4d52f35d6419fa6b648748525c6dc26bd386b1b7f653 |
| x86_64 |
libpng-devel-1.6.40-8.el10_1.1.x86_64.rpm |
211dd3f4668f4fb210f28e7f6239922efc55f4549e805dba062d3bdf4d945c59 |
| x86_64 |
libpng-1.6.40-8.el10_1.1.x86_64.rpm |
a1514a0ce56c63058f1dffe8e204eeb5f1001a3524f25dc1f0ecc9e12ff4d27e |
| x86_64_v2 |
libpng-devel-1.6.40-8.el10_1.1.x86_64_v2.rpm |
3d2c181d2f9ec3dfd63eef5aa7f9994281d94431397d05ffbe82e9b52bca5614 |
| x86_64_v2 |
libpng-1.6.40-8.el10_1.1.x86_64_v2.rpm |
895f02506d01cdc9980f820ded61171bc0deca9a088b63269d2484d955361e78 |
