libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (CVE-2015-8126)
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
Fixed in:
1.6.19, 1.5.24, 1.4.17, 1.2.54, and 1.0.64
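A pre-screening check for the condition described above, as an added example that is not libpng code and not part of the original issue: for palette images (colour type 3) the PNG specification limits PLTE to 2^bit_depth entries, so a file declaring more can be rejected before it reaches an unpatched decoder. The function name `png_palette_exceeds_bit_depth` and the sample bytes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample (not from the page): 1x1 palette image, bit depth 1,
 * PLTE with 4 entries. CRC fields are zero; this check does not verify CRCs. */
static const unsigned char sample_png[] = {
    0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n',
    0, 0, 0, 13, 'I', 'H', 'D', 'R',
    0, 0, 0, 1, 0, 0, 0, 1, 1, 3, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 12, 'P', 'L', 'T', 'E',
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

/* Read a big-endian 32-bit chunk length. */
static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Hypothetical helper: 1 = PLTE has more entries than 2^bit_depth,
 * 0 = no such PLTE found, -1 = not a PNG or malformed (treat as reject). */
int png_palette_exceeds_bit_depth(const unsigned char *buf, size_t len) {
    size_t off = 8;
    int bit_depth = -1, color_type = -1;
    if (len < 8 || memcmp(buf, sample_png, 8) != 0) return -1; /* signature */
    while (len - off >= 12) {            /* length + type + CRC */
        uint32_t clen = be32(buf + off);
        const unsigned char *type = buf + off + 4, *data = buf + off + 8;
        if (clen > len - off - 12) return -1;   /* chunk runs past buffer */
        if (memcmp(type, "IHDR", 4) == 0) {
            if (clen != 13) return -1;
            bit_depth = data[8];
            color_type = data[9];
        } else if (memcmp(type, "PLTE", 4) == 0) {
            if (bit_depth < 0) return -1;       /* PLTE before IHDR */
            if (color_type != 3) return 0;      /* limit applies to type 3 */
            if (bit_depth != 1 && bit_depth != 2 && bit_depth != 4 &&
                bit_depth != 8) return -1;      /* invalid for palette images */
            return clen / 3 > (1u << bit_depth);
        }
        off += 12 + (size_t)clen;
    }
    return 0;
}

int main(void) {
    printf("oversized palette: %d\n",
           png_palette_exceeds_bit_depth(sample_png, sizeof sample_png));
    return 0;
}
```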
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8126
http://www.openwall.com/lists/oss-security/2015/11/12/2
http://seclists.org/oss-sec/2015/q4/264
Upstream patches:
https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766
https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d
https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978
https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466
https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324
(from redmine: issue id 4882, created on 2015-11-20, closed on 2015-11-30)
- Relations:
- child #4883 (closed)
- child #4884 (closed)
- child #4885 (closed)
- child #4886 (closed)