- **Package**: libpng - **Vulnerabilities**: Several - **Vulnerability Type**: Remote - **Debian-specific**: No - **CVE IDs**: CVE-2010-1205, CVE-2010-2249 - **Debian Bugs**: 533676, 572308 **CVE-2010-1205** - **Description**: Buffer overflow in libpng allowing remote attackers to execute arbitrary code via a PNG image with an additional data row. **CVE-2010-2249** - **Description**: Memory leak in libpng causing denial of service via a PNG image containing malformed Physical Scale (sCAL) chunks. **Affected Distributions** - **Stable (lenny)**: Fixed in version 1.2.27-2+lenny4 - **Testing (squeeze) and Unstable (sid)**: Fixed in version 1.2.44-1 **Upgrade Instructions** - Use `apt-get update` and `apt-get upgrade` to install corrected packages. - Automated update by adding the resources from the footer to the proper configuration.