Description:
The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files.
Security Fix(es):
* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)
* libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libpng-1.6.40-11.el10_2.1.aarch64.rpm |
3c3100064be5b950f5c4937bfe77cd01a9e57dcf3d59c8c05363a333c7a4d8e4 |
| aarch64 |
libpng-devel-1.6.40-11.el10_2.1.aarch64.rpm |
ce8b7e858f43b99beb04d771a71230666ac47bd4ac2ed6384f66a737a67cb50b |
| ppc64le |
libpng-1.6.40-11.el10_2.1.ppc64le.rpm |
7b1026491eca88e0df496dd40163967ea7918ff52f175bb8724e214031799014 |
| ppc64le |
libpng-devel-1.6.40-11.el10_2.1.ppc64le.rpm |
7c90fae3ab7c928042a2d59ac10568bc6cac08460cd2ef81491ac6a9c3e0b0e0 |
| s390x |
libpng-1.6.40-11.el10_2.1.s390x.rpm |
e33cc2b10e499e853820a56aa1e2c4e1093f46d2fae7cebb74b65377e47a979e |
| s390x |
libpng-devel-1.6.40-11.el10_2.1.s390x.rpm |
e50e5f04906c095f882085599f5df0061ef33fc994bb40fcd2194d52fd042e80 |
| x86_64 |
libpng-1.6.40-11.el10_2.1.x86_64.rpm |
3f323aa235b04ceade091ca5e350a6eebdfd9cf587e9e5233b6e43717ceae6df |
| x86_64 |
libpng-devel-1.6.40-11.el10_2.1.x86_64.rpm |
434294213ecf205e76349ce6242489a7ec3d386d0fcdf51640d8406f528b800c |
| x86_64_v2 |
libpng-1.6.40-11.el10_2.1.x86_64_v2.rpm |
2c542e14681fe2f435a51651c6bbb71cd80f561bfbf3eb38b3517ba83ed167f2 |
| x86_64_v2 |
libpng-devel-1.6.40-11.el10_2.1.x86_64_v2.rpm |
6e09119dceec5719e20cc6015ac050b3885b59bf528d35a26b11ec6bfce43e99 |
