Gentoo Linux Security Advisory GLSA 200711-08 – An off-by-one error when handling ICC profile chunks in the png_set_iCCP() function was discovered. George Cook and Jeff Phillips reported several errors in pngrtran.c, the use of logical instead of a bitwise functions and incorrect comparisons. Tavis Ormandy reported out-of-bounds read errors in several PNG chunk handling functions. Versions less than 1.2.21-r3 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/60761/glsa-200711-08.txt
Source: https://packetstormsecurity.com/files/60761/Gentoo-Linux-Security-Advisory-200711-8.html