SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libpng3-1.2.46-1.43.2.i586.rpm :
Thu Aug 18 14:00:00 2011 lijewski.stefanAATTgmail.com
- update to 1.2.46, fixes:

* CVE-2011-2501 [bnc#702578]

* CVE-2011-2690 [bnc#706387]

* CVE-2011-2691 [bnc#706388]

* CVE-2011-2692 [bnc#706389]

Tue Aug 24 14:00:00 2010 pgajdosAATTsuse.cz
- fixed [bnc#617866]

* memory leak CVE-2010-2249

* out of bounds write to memory CVE-2010-1205

Tue Mar 9 13:00:00 2010 pgajdosAATTsuse.cz
- Defending Libpng Applications Against Decompression Bombs
[bnc#580484]
http://libpng.sourceforge.net/decompression_bombs.html

* CVE-2010-0205.patch

Mon Jun 22 14:00:00 2009 pgajdosAATTsuse.cz
- initialize allocated buffer [bnc#514727]

* CVE-2009-2042.patch

Mon Feb 23 13:00:00 2009 pgajdosAATTsuse.cz
- replace double-free.patch by CVE-2009-0040.patch (upstream patch)

Fri Feb 13 13:00:00 2009 pgajdosAATTsuse.cz
- fixed possible double free security bug [bnc#472745]

* double-free.patch

Tue Jan 20 13:00:00 2009 pgajdosAATTsuse.cz
- fixed CVE-2008-5907 [bnc#467308]

* CVE-2008-5907.patch

Mon Sep 15 14:00:00 2008 pgajdosAATTsuse.cz
- fixed CVE-2008-3964 [bnc#424739]

* CVE-2008-3964.patch

Thu Sep 11 14:00:00 2008 pgajdosAATTsuse.cz
- updated to version 1.2.31:

* coding bugfixes and enhancements

Mon Sep 1 14:00:00 2008 ajAATTsuse.de
- Do not package la files.

Mon Jun 23 14:00:00 2008 pgajdosAATTsuse.cz
- updated to 1.2.29:

* fixes to the configure-related build-scripts

* security fix that affects programs that attempt to do
special handling of unknown PNG chunks (presumably very
few such programs), along with a reversion to previous
behavior for handling of images with out-of-range tRNS-chunk
values [bnc#378634]

* fix for unintentional gray-to-RGB conversion in
png_set_expand_gray_1_2_4_to_8()

* various other minor fixes
- removed makefile-am.patch, issue fixed upstream

Sun May 11 14:00:00 2008 cooloAATTsuse.de
- fix rename of xxbit packages

Tue Apr 22 14:00:00 2008 pgajdosAATTsuse.cz
- $(ECHO) substituted by echo in Makefile.in -- fixes package
build in beta (makefile-am.patch)

Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support

Thu Apr 3 14:00:00 2008 pgajdosAATTsuse.cz
- updated to 1.2.26:

* fixed minor coding errors that could lead to crashes in
exceptional cases

Thu Dec 6 13:00:00 2007 mrueckertAATTsuse.de
- added provides/obsoletes for the old package

Fri Nov 30 13:00:00 2007 nadvornikAATTsuse.cz
- updated to 1.2.23:

* more sanity checks, fixes [#332249]
- adjusted to Shared Library Policy:

* renamed package libpng to libpng12-0

* created compatibility package libpng3

Wed Jul 11 14:00:00 2007 nadvornikAATTsuse.cz
- updated to 1.2.18:

* security fixes merged upstream

Thu Mar 29 14:00:00 2007 ajAATTsuse.de
- Add zlib-devel to BuildRequires.

Thu Nov 23 13:00:00 2006 nadvornikAATTsuse.cz
- fixed crash on malformed sPLT chunks CVE-2006-5793 [#219007]

Mon Jul 17 14:00:00 2006 nadvornikAATTsuse.cz
- make sure PNG_NO_ASSEMBLER_CODE is used consistently


  
ICM