[Apollo] Advisories Statistics light light Login

RLSA-2026:0125

Security Mirrored from RHSA-2026:0125
Issued at: 2026-01-07
Updated at: 2026-01-07

Synopsis

Important: mingw-libpng security update



Description

MinGW Windows Libpng library.

Security Fix(es):

* libpng: LIBPNG buffer overflow (CVE-2025-64720)

* libpng: LIBPNG heap buffer overflow (CVE-2025-65018)

* libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2416904 2416907 2418711

CVEs

CVE-2025-64720 CVE-2025-65018 CVE-2025-66293

Affected packages

Rocky Linux 8 x86_64 - PowerTools

mingw32-libpng-0:1.6.34-1.el8_10.noarch.rpm mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch.rpm mingw32-libpng-static-0:1.6.34-1.el8_10.noarch.rpm mingw64-libpng-0:1.6.34-1.el8_10.noarch.rpm mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch.rpm mingw64-libpng-static-0:1.6.34-1.el8_10.noarch.rpm mingw-libpng-0:1.6.34-1.el8_10.src.rpm

Rocky Linux 8 aarch64 - PowerTools

mingw-libpng-0:1.6.34-1.el8_10.src.rpm