![]() Siria is not here any more - so nobody can counsel on Win98.Įdited 1 time(s). Your contributions could be still relevant and valuable epecially to other users with Win98 hardware. No apology about writing nicks needed I just wanted to mention it. The info provided by Your research led to finding the relevant fixes. As a Win98 user with obsolete hardware I no longer consider myself relevant to KM or the computing world at large but after reading about the potential seriousness of this widespread libpng vulnerability I decided to make contact. Lastly, I deliberately abandoned my forum profile in 2010, and thus my habit for the forum at the time. To momentarily drift off-topic regarding your replies above: I used the word "research" to briefly refer to the preliminary technical work and code discovery necessary for you to compile and provide the security fix, and I apologise for the errant capitalization of your nickname, first letter capitalization is a habit. K-Meleon will write these 2 files new with updated info every time they are deleted.Įdited 2 time(s). In rare cases keeping the old files has caused a crash. You must virus scan the downloaded file with Your own updated anti virus software.īefore first use. components/imglib2.dll in case the one downloaded is not compatible. The files are provided without any warranties that they are fit for use or anything else under K-Meleon's customary GNU license & under the following additional conditions.īefore use. That file is for GRE 1.9.1.x = K-Meleon 1.6.betas! That file is for GRE 1.8.x = K-Meleon 1.5.4! This fix is not official! You can however download the fixed files from: The resulting compiled files were tested by Doon, JamesD. Unpacked code Tarball: C:/Mozilla-1.9.2/modules/libimg/png/. The problem files were patched BTW replaced with code files from Firefox 3.6.27/3.6.28. Some days before that, Tuesday, Ma10:02 AM, Doon had submitted a detailed bug description which pointed to a way for a fix. Firefox, Thunderbird and Seamonkey users could be attacked simply by displaying a maliciously crafted image." This bug is remotely exploitable and can lead to arbitrary code execution. ![]() An attacker could craft malicious images which exploit this bug, and deliver them to users through websites or email messages. If I were to post a security alert in the forum today, to force public awareness, I would post the following: (btw, the securelist and bugzilla links are worth reading)įebru"The libpng graphics library, used by Firefox and Thunderbird as well as many other software packages, contains an exploitable integer overflow bug.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |