ALSA-2026:14791

[ALSA-2026:14791] Moderate: libpng security update

Type:

security

Severity:

moderate

Release date:

2026-05-13

Description:

The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files.  

Security Fix(es):  

  * libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libpng-1.6.37-12.el9_7.3.aarch64.rpm	831674666339f717eadf69c7d81f9b62502e9017cef5d71fbabe85e0592549b2
aarch64	libpng-devel-1.6.37-12.el9_7.3.aarch64.rpm	be71eea28864de8b1df1619aa242297e62d48e90d885722fb52b6536896d3a4d
i686	libpng-1.6.37-12.el9_7.3.i686.rpm	5ee8bc18bd1e625ac4e8660b73283a4dd6be9b1cdf9f6269176a6c371801d4d7
i686	libpng-devel-1.6.37-12.el9_7.3.i686.rpm	62404b3060ad224810698623004a614f5b776629692570712c7f89832e1a49cd
ppc64le	libpng-devel-1.6.37-12.el9_7.3.ppc64le.rpm	41fd6348294f36fc4369c408c5da1d673be2c919351318d33df4d77282e5d8a4
ppc64le	libpng-1.6.37-12.el9_7.3.ppc64le.rpm	e572fd950971595266f5fb83c60dd4deeccd712c6535de37813d140891dba078
s390x	libpng-1.6.37-12.el9_7.3.s390x.rpm	6b03a971315bf741840c4c0dfd9bed6d596a37da986c1560427fe3a7489433e7
s390x	libpng-devel-1.6.37-12.el9_7.3.s390x.rpm	d632d91724882676b646c90596acac9f0530916c93799aa552ab0aa6e41cb294
x86_64	libpng-1.6.37-12.el9_7.3.x86_64.rpm	9a5e95e9dbec5ef91d12bd8b6a91c8b86e15076c1fa92b0e3b06feb6e6a1b9a4
x86_64	libpng-devel-1.6.37-12.el9_7.3.x86_64.rpm	c1d6f7e2fefe8184c06e3fd1bde8657932ff6086d442d3d3139604f06bdea333

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.