SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libpng16-16-1.6.38-2.1.x86_64.rpm :

* Fri Sep 16 2022 Dirk Müller - update to 1.6.38:
* Added configurations and scripts for continuous integration.
* Fixed various errors in the handling of tRNS, hIST and eXIf.
* Implemented many stability improvements across all platforms.
* Updated the internal documentation.
* Wed May 04 2022 Marcus Meissner - switch source url to https
* Thu May 06 2021 pgajdosAATTsuse.com- install rpm macros in %{_rpmmacrodir} [bsc#1185661]- call spec-cleaner
* Thu Mar 11 2021 Lubos Lunak - enable hardware optimizations (such as SSE)
* Wed Apr 17 2019 pgajdosAATTsuse.com- make check actually works under asan
* Mon Apr 15 2019 pgajdosAATTsuse.com- version update to 1.6.37 Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free. Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette. Fixed a memory leak in pngtest.c. Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in contrib/pngminus; refactor. Changed the license of contrib/pngminus to MIT; refresh makefile and docs. (Contributed by Willem van Schaik) Added makefiles for AddressSanitizer-enabled builds.- deleted patches - libpng-arm-free.patch (upstreamed)
* Mon Jan 28 2019 Petr Gajdos - fix arm build [bsc#1121829] + libpng-arm-free.patch
* Mon Jan 14 2019 Petr Gajdos - asan_build: build ASAN included- debug_build: build more suitable for debugging, install pngcp
* Mon Dec 31 2018 Petr Gajdos - update to 1.6.36: Replaced the remaining uses of png_size_t with size_t (Cosmin) Fixed the calculation of row_factor in png_check_chunk_length (reported by Thuan Pham in SourceForge issue #278) Added missing parentheses to a macro definition (suggested by \"irwir\" in GitHub issue #216) Optimized png_do_expand_palette for ARM processors. Improved performance by around 10-22% on a recent ARM Chromebook. (Contributed by Richard Townsend, ARM Holdings) Fixed manipulation of machine-specific optimization options. (Contributed by Vicki Pfau) Used memcpy instead of manual pointer arithmetic on Intel SSE2. (Contributed by Samuel Williams) Fixed build errors with MSVC on ARM64. (Contributed by Zhijie Liang) Fixed detection of libm in CMakeLists. (Contributed by Cameron Cawley) Fixed incorrect creation of pkg-config file in CMakeLists. (Contributed by Kyle Bentley) Fixed the CMake build on Windows MSYS by avoiding symlinks. Fixed a build warning on OpenBSD. (Contributed by Theo Buehler) Fixed various typos in comments. (Contributed by \"luz.paz\") Raised the minimum required CMake version from 3.0.2 to 3.1. Removed yet more of the vestigial support for pre-ANSI C compilers. Removed ancient makefiles for ancient systems that have been broken across all previous libpng-1.6.x versions. Removed the Y2K compliance statement and the export control information. Applied various code style and documentation fixes.- removed patches
* libpng16-CVE-2018-13785.patch (upstreamed)- cannot find upstream tarball signature, asked upstream for clarification
* Wed Aug 01 2018 pgajdosAATTsuse.com- security update:
* CVE-2018-13785 [bsc#1100687] + libpng16-CVE-2018-13785.patch
* Mon Feb 05 2018 pgajdosAATTsuse.com- %{libname} package provides libpng = %{version} again [bsc#1079342]
* Wed Jan 31 2018 pgajdosAATTsuse.com- check with -j1
* Tue Jan 30 2018 jengelhAATTinai.de- Fix SRPM group and grammar issues.
* Tue Jan 30 2018 pgajdosAATTsuse.com- removed obsoleted Obsoletes
* Sun Jan 28 2018 avindraAATTopensuse.org- update to 1.6.34:
* Removed contrib/pngsuite/i
*.png; some of these were incorrect and caused test failures.- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p
*.c and added missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using memset, to stop an oss-fuzz \"use of uninitialized value\" detection in png_set_text_2() due to truncated iTXt or zTXt chunk.
* Initialize memory allocated by png_read_buffer to zero, using memset, to stop an oss-fuzz \"use of uninitialized value\" detection in png_icc_check_tag_table() due to truncated iCCP chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32 state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when benign_errors are allowed. Avoid leaking the input buffer \"eXIf_buf\".
* Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in pngwrite.c, and made various other fixes to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size, accounting for height, rowbytes, interlacing and zlib/deflate overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf) does not work (the eXIf chunk data can contain zeroes).
* Revised symlink creation, no longer using deprecated cmake LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum possible size.
* Moved chunk-length check into a png_check_chunk_length() private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix \"const\" declaration info_ptr argument to png_get_eXIf_1() and the num_exif argument to png_get_eXIf_1()
* Added \"eXIf\" to \"chunks_to_ignore[]\" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m (multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz\' leak.
* Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account for the minimum \'deflate\' stream, and relocate the test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with \"II\" or \"MM\".
* Added a set of \"huge_xxxx_chunk.png\" files to contrib/testpngs/crashers, one for each known chunk type, with length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts in contrib/pngminus/
*.c to stop some Coverity issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having files whose names differ only in case; this causes problems with some platforms
* Added contrib/oss-fuzz directory which contains files used by the oss-fuzz project- cleanup with spec-cleaner
  
ICM