[SECURITY] libpng vulnerabilities

[Charles Wilson]

On 7/26/2011 3:43 PM, Yaakov (Cygwin/X) wrote:
> Remedy:
> Update libpng10 to 1.0.55 (or just remove it, as nothing in the distro
> depends on it any more), libpng12 to 1.2.45, and libpng14 to 1.4.8.

Thanks for the headsup. I don't think I can get to this before tomorrow
night, tho.

General question: would it be acceptable to move libpng10 to obsolete
(removing libpng10-devel), and NOT update it -- rather than removing it
entirely?

--
Chuck