[CLSA-2026:1781080639] libpng: Fix of CVE-2026-33416
Type:
security
Severity:
Important
Release date:
2026-06-11 20:06:38 UTC
Description:
- CVE-2026-33416: fix use-after-free from aliased palette/trans_alpha buffers between png_struct and png_info
CVEs fixed:
Updated packages:
  • libpng-1.5.13-8.el7.tuxcare.els4.i686.rpm
    sha:6f8c9612ab2539bd79b261a0f647a508ec6d832d8af2245f9b69b28293ba7101
  • libpng-1.5.13-8.el7.tuxcare.els4.x86_64.rpm
    sha:2e7673f6b08c4fcac7eb6df266b9841405a5604cd8256edb069827ea383cf883
  • libpng-devel-1.5.13-8.el7.tuxcare.els4.i686.rpm
    sha:fffcdc6356a6d648a86038729bae38e84a6534129101266778b7db5ace9c7125
  • libpng-devel-1.5.13-8.el7.tuxcare.els4.x86_64.rpm
    sha:e0a04da30cc55d4c9a10514425bea71b8ce83753f4c87e2e0ef8a66a87f455d3
  • libpng-static-1.5.13-8.el7.tuxcare.els4.i686.rpm
    sha:6b9edcababa122e140054589eb6d48590586d7546a22d7179341e361cceb50b0
  • libpng-static-1.5.13-8.el7.tuxcare.els4.x86_64.rpm
    sha:c08c324454fe4a51b9bb1dad6228474f4a2af876d74e8ff3309d0436e6c475c9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.