Debian Security Advisory
DLA-332-1 optipng -- LTS security update
- Date Reported:
- 22 Oct 2015
- Affected Packages:
- optipng
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-7801.
- More information:
-
Gustavo Grieco discovered a use-after-free causing an invalid/double free in optipng 0.6.4.
For Debian 6 Squeeze, this issue has been fixed in optipng version 0.6.4-1+deb6u11.