| Package | libpng1.6 |
|---|---|
| Version | 1.6.28-1+deb9u2 (stretch), 1.6.36-6+deb10u1 (buster) |
| Related CVEs | CVE-2025-64505 CVE-2025-64506 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 |
Multiple vulnerabilities have been found in libpng, the official PNG reference library, allowing information disclosure via out-of-bounds read, denial of service via application crash, or heap corruption with potential for arbitrary code execution.
- CVE-2025-64505: Heap buffer over-read in png_do_quantize via a malformed palette index.
- CVE-2025-64506: Heap buffer over-read in png_write_image_8bit.
- CVE-2025-64720: Buffer overflow in png_image_read_composite via incorrect palette premultiplication.
- CVE-2025-65018: Heap buffer overflow in png_combine_row triggered via png_image_finish_read.
- CVE-2025-66293: An out-of-bounds read in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing palette PNG images with partial transparency and gamma correction.
For Debian 10 buster, these problems have been fixed in version 1.6.36-6+deb10u1.
For Debian 9 stretch, these problems have been fixed in version 1.6.28-1+deb9u2.
We recommend that you upgrade your libpng1.6 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.