ALSA-2026:0125

[ALSA-2026:0125] Important: mingw-libpng security update

Type:

security

Severity:

important

Release date:

2026-01-07

Description:

MinGW Windows Libpng library.  

Security Fix(es):  

  * libpng: LIBPNG buffer overflow (CVE-2025-64720)
  * libpng: LIBPNG heap buffer overflow (CVE-2025-65018)
  * libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
noarch	mingw64-libpng-static-1.6.34-1.el8_10.noarch.rpm	10a711bc91d361e8f23329f92acf46c1b37db7f6ba733f8cf146c969201364eb
noarch	mingw64-libpng-1.6.34-1.el8_10.noarch.rpm	3c5b2499b6334fd930e2e7ff5900e07d7d670ce8f8b610b59d85218ec09c8218
noarch	mingw32-libpng-1.6.34-1.el8_10.noarch.rpm	9995956a8491029c65749f98e2e024da2c4ad23da047ded6700fc7643fff0b37
noarch	mingw32-libpng-static-1.6.34-1.el8_10.noarch.rpm	a12947d36ef1e65e0e29599ba2e7212748563788fae5488110fdb1f71e4c9fc5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.