Description:
The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files.
Security Fix(es):
* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)
* libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libpng-1.6.37-15.el9_8.2.aarch64.rpm |
aec5ce2849a075b37d5e93a0152854e465de0ce63c3b62a287e169e14bbd0230 |
| aarch64 |
libpng-devel-1.6.37-15.el9_8.2.aarch64.rpm |
e0592326dc0ed8a5a744f6a2e4aa92cb4298a034f2bd9760a3f484561f55067f |
| i686 |
libpng-1.6.37-15.el9_8.2.i686.rpm |
897e0e88bf76a826af48bf1d697af0643c35707073230e8819ad0d285e965a43 |
| i686 |
libpng-devel-1.6.37-15.el9_8.2.i686.rpm |
89b7cbc4c5f814102d2f09b57f5ab35d96e76d367a93f36f0b32c05689f08816 |
| ppc64le |
libpng-1.6.37-15.el9_8.2.ppc64le.rpm |
0200db7897df57bc03316fa0c19fb9fdc4274814b6b8283370b566f406c0d68e |
| ppc64le |
libpng-devel-1.6.37-15.el9_8.2.ppc64le.rpm |
b7bfb5dcd229e89855241b0bdc0e1ee4477f579891fc851f66e628ecbbe0d8f5 |
| s390x |
libpng-devel-1.6.37-15.el9_8.2.s390x.rpm |
ba7a2d3394f214875d0d390f09bc645ee151463a0e75650176b95f50773c97b4 |
| s390x |
libpng-1.6.37-15.el9_8.2.s390x.rpm |
fa899b2ca1c3da73a99e85c89db9e595930034f32475d70d66b32f2f771720a8 |
| x86_64 |
libpng-1.6.37-15.el9_8.2.x86_64.rpm |
b50c9af737a243e6a3c644ecb26f9f2c2a0d214385b0b06102858fea68ae760e |
| x86_64 |
libpng-devel-1.6.37-15.el9_8.2.x86_64.rpm |
be8cd8ace92fc8f8475ebf2fef4e6add6386f1405076f02504ba696bc85036fa |
