SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libpng12-0-debuginfo-1.2.59-lp160.1.3.x86_64.rpm :

* Fri Mar 01 2024 pgajdosAATTsuse.com- Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN
* Wed May 04 2022 Marcus Meissner - switched to https url
* Wed Jul 17 2019 pgajdosAATTsuse.com- version update to 1.2.59 Added png_check_chunk_length() function, and check all chunks except IDAT against the default 8MB limit; check IDAT against the maximum size computed from IHDR parameters (Fixes CVE-2017-12652). Initialize memory allocated by png_inflate to zero, using memset, to stop an oss-fuzz \"use of uninitialized value\" detection in png_set_text_2() due to truncated iTXt or zTXt chunk.
* Wed Jan 31 2018 pgajdosAATTsuse.com- check with -j1, be explicit
* Tue Jan 30 2018 jengelhAATTinai.de- Fix SRPM group and grammar issues.
* Mon Jan 02 2017 pgajdosAATTsuse.com- updated to 1.2.57: fixes CVE-2016-10087
* Thu Dec 17 2015 pgajdosAATTsuse.com- updated to 1.2.56: Fixed an out-of-range read in png_check_keyword() (Bug report from Qixue Xiao, CVE-2015-8540). Added keyword checks to pngset.c
* Thu Dec 03 2015 pgajdosAATTsuse.com- updated to 1.2.55: Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(), png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr). Fixed incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 vulnerability.
* Fri Nov 13 2015 pgajdosAATTsuse.com- updated to 1.2.54
* Fri Aug 07 2015 pgajdosAATTsuse.com- build in build section
* Fri Feb 27 2015 pgajdosAATTsuse.com- updated to 1.2.53: Issue a png_error() instead of a png_warning() when width is potentially too large for the architecture, in case the calling application has overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and CVE-2015-0973). Display user limits in the output from pngtest. Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000. This can only be changed at library-build time. It only affects the maximum memory that can be allocated to an ancillary chunk; it does not limit the size of IDAT data, which is instead limited by PNG_USER_WIDTH_MAX.
* Mon Jan 19 2015 olafAATTaepfle.de- Fix CVE-2013-7354.patch, include limits.h for INT_MAX
* Thu Nov 20 2014 pgajdosAATTsuse.com- updated to 1.2.52:
* Avoid out-of-bounds memory access while checking version string.
* Tue Apr 22 2014 pgajdosAATTsuse.com- security update:
* CVE-2013-7353.patch [bnc#873124]
* CVE-2013-7354.patch [bnc#873123]
* Fri Feb 07 2014 pgajdosAATTsuse.com- updated to 1.2.51: Ignore, with a warning, out-of-range value of num_trans in png_set_tRNS(). Replaced AM_CONFIG_HEADER(config.h) with AC_CONFIG_HEADERS([config.h]) in configure.ac Changed default value of PNG_USER_CACHE_MAX from 0 to 32767 in pngconf.h. Avoid a possible memory leak in contrib/gregbook/readpng.c Revised libpng.3 so that \"doclifter\" can process it. Changed \'\"%s\"m\' to \'\"%s\" m\' in png_debug macros to improve portability among compilers. Rebuilt the configure scripts with autoconf-2.69 and automake-1.14.1 Removed potentially misleading warning from png_check_IHDR(). Quiet set-but-not-used warnings in pngset.c Quiet an uninitialized memory warning from VC2013 in png_get_png(). Quiet unused variable warnings from clang by porting PNG_UNUSED() from libpng-1.4.6. Added -DZ_SOLO to CFLAGS in contrib/pngminim/
*/makefile Added an #ifdef PNG_FIXED_POINT_SUPPORTED/#endif in pngset.c
* Wed Apr 17 2013 cooloAATTsuse.com- add conflicts in -32bit package
* Mon Apr 15 2013 mmeisterAATTsuse.com- Added url as source. Please see http://en.opensuse.org/SourceUrls
* Wed Oct 24 2012 jengelhAATTinai.de- Add missing baselib requires for compat-devel-32bit
* Wed Jul 11 2012 pgajdosAATTsuse.com- updated to 1.2.50: Changed \"a+w\" to \"u+w\" in Makefile.in to fix CVE-2012-3386.
* Thu Mar 29 2012 pgajdosAATTsuse.com- updated to 1.2.49: [bnc#754745] Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048). Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice.
* Wed Mar 14 2012 pgajdosAATTsuse.com- updated to 1.2.48:
* fixed CVE-2011-3045 [bnc#752008]
* Mon Feb 20 2012 pgajdosAATTsuse.com- updated to 1.2.47:
* fixed CVE-2011-3026 [bnc#747311]
* Thu Dec 01 2011 idoenmezAATTsuse.de- Name field shouldn\'t contain a macro
* Thu Dec 01 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Wed Oct 05 2011 uliAATTsuse.com- cross-build fix: use %configure macro
* Tue Jul 12 2011 pgajdosAATTnovell.com- updated to 1.2.46:
* fixed CVE-2011-2501 [bnc#702578]
* Mon Aug 30 2010 cooloAATTnovell.com- fix baselibs.conf after previous change
* Thu Jul 29 2010 pgajdosAATTsuse.cz- add devel packages to baselibs.conf [bnc#625883]
* Mon Jun 28 2010 pgajdosAATTsuse.cz- updated to 1.2.44: fixed libpng overflow (CVE-2010-1205) and memory leak [bnc#617866]
* Fri Jun 04 2010 cooloAATTnovell.com- remove the devel packages from baselibs.conf, not convinced of their usefulness
* Sat Apr 24 2010 cooloAATTnovell.com- buildrequire pkg-config to fix provides
* Thu Feb 25 2010 pgajdosAATTsuse.cz- updated to 1.2.43 (fixes [bnc#585403]):
* Removed \"#define PNG_NO_ERROR_NUMBERS\" that was inadvertently added to pngconf.h in version 1.2.41.
* Removed leftover \"-DPNG_CONFIGURE_LIBPNG\" from scripts/makefile.darwin and contrib/pngminim/
*/makefile
* Relocated png_do_chop() to its original position in pngrtran.c; the change in version 1.2.41beta08 caused transparency to be handled wrong in some 16-bit datastreams (Yusaku Sugai).
* Renamed libpng-pc.in back to libpng.pc.in and revised CMakeLists.txt (revising changes made in 1.2.41)
* Swapped PNG_UNKNOWN_CHUNKS_SUPPORTED and PNG_HANDLE_AS_UNKNOWN_SUPPORTED in pngset.c to be consistent with other changes in version 1.2.38.
* Avoid deprecated references to png_ptr-io_ptr and png_ptr->error_ptr in pngtest.c
* Mon Dec 14 2009 jengelhAATTmedozas.de- add baselibs.conf as a source
* Mon Dec 07 2009 pgajdosAATTsuse.cz- updated to 1.2.41: contains numerous cleanups, some new compile-time warnings about direct struct access (define PNG_NO_PEDANTIC_WARNINGS to enable), a new xcode build project, and a minor performance improvement (avoid building 16-bit gamma tables when not needed)
* Tue Nov 24 2009 pgajdosAATTsuse.cz- updated to 1.2.40: Removed an extra png_debug() recently added to png_write_find_filter(). Fixed incorrect #ifdef in pngset.c regarding unknown chunk support. Various bugfixes and improvements to CMakeLists.txt (Philip Lowman)
* Tue Nov 03 2009 cooloAATTnovell.com- updated patches to apply with fuzz=0
* Thu Aug 13 2009 pgajdosAATTsuse.cz- updated to 1.2.39:
* Added a prototype for png_64bit_product() in png.c
* Avoid a possible NULL dereference in debug build, in png_set_text_2()
* Relocated new png_64_bit_product() prototype into png.h
* Replaced
*.tar.lzma with
*.txz in distribution.
* Reject attempt to write iCCP chunk with negative embedded profile length.
* Mon Jul 20 2009 pgajdosAATTsuse.cz- updated to 1.2.38:
* Revised libpng
*.txt and libpng.3 to mention calling png_set_IHDR() multiple times and to specify the sample order in the tRNS chunk, because the ISO PNG specification has a typo in the tRNS table.
* Changed several PNG_UNKNOWN_CHUNK_SUPPORTED to PNG_HANDLE_AS_UNKNOWN_SUPPORTED, to make the png_set_keep mechanism available for ignoring known chunks even when not saving unknown chunks.
* Adopted preference for consistent use of \"#ifdef\" and \"#ifndef\" versus \"#if defined()\" and \"if !defined()\" where possible.
* Added PNG_NO_HANDLE_AS_UNKNOWN in the PNG_LEGACY_SUPPORTED block of pngconf.h, and moved the various unknown chunk macro definitions outside of the PNG_READ|WRITE_ANCILLARY_CHUNK_SUPPORTED blocks.
* Thu Jun 04 2009 pgajdosAATTsuse.cz- updated to 1.2.37:
* fixed bug with new png_memset() of the big_row_buffer
* Tue May 12 2009 pgajdosAATTsuse.cz- updated to 1.2.36 (see CHANGES)
* Mon Feb 23 2009 pgajdosAATTsuse.cz- fixes possible double free [bnc#472745] (CVE-2009-0040)
* Mon Jan 19 2009 pgajdosAATTsuse.cz- updated to 1.2.34:
* fixes CVE-2008-3964 (removed CVE-2008-3964.patch)
* Tue Jan 13 2009 olhAATTsuse.de- obsolete old -XXbit packages (bnc#437293)
* Mon Sep 15 2008 pgajdosAATTsuse.cz- fixed CVE-2008-3964 [bnc#424739]
* CVE-2008-3964.patch
* Thu Sep 11 2008 pgajdosAATTsuse.cz- updated to version 1.2.31:
* coding bugfixes and enhancements
* Mon Sep 01 2008 ajAATTsuse.de- Do not package la files.
* Mon Jun 23 2008 pgajdosAATTsuse.cz- updated to 1.2.29:
* fixes to the configure-related build-scripts
* security fix that affects programs that attempt to do special handling of unknown PNG chunks (presumably very few such programs), along with a reversion to previous behavior for handling of images with out-of-range tRNS-chunk values [bnc#378634]
* fix for unintentional gray-to-RGB conversion in png_set_expand_gray_1_2_4_to_8()
* various other minor fixes- removed makefile-am.patch, issue fixed upstream
* Sun May 11 2008 cooloAATTsuse.de- fix rename of xxbit packages
* Tue Apr 22 2008 pgajdosAATTsuse.cz- $(ECHO) substituted by echo in Makefile.in -- fixes package build in beta (makefile-am.patch)
* Thu Apr 10 2008 roAATTsuse.de- added baselibs.conf file to build xxbit packages for multilib support
* Thu Apr 03 2008 pgajdosAATTsuse.cz- updated to 1.2.26:
* fixed minor coding errors that could lead to crashes in exceptional cases
* Thu Dec 06 2007 mrueckertAATTsuse.de- added provides/obsoletes for the old package
* Fri Nov 30 2007 nadvornikAATTsuse.cz- updated to 1.2.23:
* more sanity checks, fixes [#332249]- adjusted to Shared Library Policy:
* renamed package libpng to libpng12-0
* created compatibility package libpng3
* Wed Jul 11 2007 nadvornikAATTsuse.cz- updated to 1.2.18:
* security fixes merged upstream
* Thu Mar 29 2007 ajAATTsuse.de- Add zlib-devel to BuildRequires.
* Thu Nov 23 2006 nadvornikAATTsuse.cz- fixed crash on malformed sPLT chunks CVE-2006-5793 [#219007]
* Mon Jul 17 2006 nadvornikAATTsuse.cz- make sure PNG_NO_ASSEMBLER_CODE is used consistently
* Thu Jun 29 2006 nadvornikAATTsuse.cz- updated to 1.2.12:
* fixed possible buffer overflow [#189241]
* Wed Jun 21 2006 nadvornikAATTsuse.cz- updated to 1.2.10:
* use autoconf
* many bugfixes- libpng12-config no longer gives -Wl,-rpath,/usr/lib [#168627]- spec file cleanup
* Fri Feb 24 2006 nadvornikAATTsuse.cz- removed libpng-64bit.diff [#153106]
* Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires
* Thu Jan 12 2006 nadvornikAATTsuse.cz- compile with -fstack-protector
* Mon Oct 10 2005 nadvornikAATTsuse.cz- fixed incorrect inline asm usage
* Thu May 19 2005 roAATTsuse.de- fix libdir in pkgconfig file libpng.pc
* Thu Jan 20 2005 nadvornikAATTsuse.cz- updated to 1.2.8:
* fixed crash of applications that strip the alpha channel
* fixed invalid zlib header within the PNG datastream
* Mon Sep 27 2004 sfAATTsuse.de- fixed problem with wrong assumption for long on 64bit archs which prevents khunphan from working (#45738)
* Wed Aug 25 2004 kukukAATTsuse.de- Avoid /bin/sh PreRequires
* Mon Aug 16 2004 nadvornikAATTsuse.cz- updated to 1.2.6: included security fixes
* Mon Jul 19 2004 nadvornikAATTsuse.cz- fixed several buffer overflows [#43008]
* Wed Jun 16 2004 nadvornikAATTsuse.cz- added missing part of pngtran overflow patch [#42043]
* Fri Apr 23 2004 nadvornikAATTsuse.cz- fixed reading behind end of string [#39180]
* Sat Jan 10 2004 adrianAATTsuse.de- build as user
* Fri Oct 10 2003 adrianAATTsuse.de- add %run_ldconfig
* Mon Apr 07 2003 roAATTsuse.de- fix tail calling syntax
* Mon Feb 10 2003 nadvornikAATTsuse.cz- link the shared library with -lz -lm -lc again
* Wed Jan 29 2003 kukukAATTsuse.de- Fix libpng-devel requires (add zlib-devel) [Bug #23154]
* Fri Jan 24 2003 sbrabecAATTsuse.cz- Added missing pkgconfig files to %files.
* Tue Jan 07 2003 nadvornikAATTsuse.cz- updated to 1.2.5- fixed buffer overflow
* Wed Jul 31 2002 cooloAATTsuse.de- fix libz dependency, so the resulting libpng is self containing
* Fri Jul 26 2002 adrianAATTsuse.de- fix neededforbuild
* Wed Jul 24 2002 nadvornikAATTsuse.cz- updated to 1.2.4: - fixed buffer overflow in pngpread.c when IDAT is corrupted with extra data
* Fri Jul 12 2002 schwabAATTsuse.de- Fix makefile.
* Fri Jul 05 2002 kukukAATTsuse.de- Use %ix86 macro
* Tue Jul 02 2002 nadvornikAATTsuse.cz- updated to 1.2.3- changed package version to match the version of source tarball
* Tue Mar 05 2002 nadvornikAATTsuse.cz- fixed permissions for man pages
* Tue Feb 05 2002 nadvornikAATTsuse.cz- added Provides: libpng:/usr/include/png.h to libpng-devel
* Thu Jan 31 2002 nadvornikAATTsuse.cz- back to 1.0.12, libpng 1.2.x will be packed in separate package- created devel subpackage to allow parallel instalation of shared libraries
* Wed Jan 09 2002 nadvornikAATTsuse.cz- update to 1.2.1- used macros %{_lib} and %{_libdir}
* Tue Dec 04 2001 nadvornikAATTsuse.cz- update to 1.2.0 - shared library version changed to 3.1.2.0 - new API for dynamically enabling and disabling certain optimizations- added Provides: libpng-devel for compatibility [bug #11978]
* Tue Jul 17 2001 nadvornikAATTsuse.cz- update to 1.0.12
* Tue Apr 03 2001 nadvornikAATTsuse.cz- update to 1.0.10- used pnggccrd.c - MMX support on intel
* Tue Feb 13 2001 nadvornikAATTsuse.cz- update to 1.0.9
* Fri Jan 19 2001 bkAATTsuse.de- call pngtest program to have some tests that libpng works.- don\'t remove -O3 when adding RPM_OPT_FLAGS(still do -O3 optimisations)
* Thu Jan 04 2001 nadvornikAATTsuse.cz- changed rpm version to 2.1.0.8 (bug #5062)- changed shared library name to libpng.so.2.1.0.8
* Wed Aug 23 2000 nadvornikAATTsuse.cz- update to 1.0.8
* Tue Jul 11 2000 adrianAATTsuse.de- seg fault fix in pngrutil.c
* Mon May 22 2000 nadvornikAATTsuse.cz- changed group- changed URL
* Sat Apr 29 2000 kukukAATTsuse.de- Make sure libpng.so.2 is linked against libz to avoid problems with missing dependencies.
* Mon Apr 10 2000 nadvornikAATTsuse.cz- added URL
* Tue Apr 04 2000 nadvornikAATTsuse.cz- update to 1.0.6- added BuildRoot
* Tue Jan 25 2000 roAATTsuse.de- update to 1.0.5- manpages to /usr/share using macro
* Mon Sep 13 1999 bsAATTsuse.de- ran old prepare_spec on spec file to switch to new prepare_spec.
* Tue Jun 29 1999 roAATTsuse.de- moved from /usr/X11R6 to /usr
* Mon Jun 28 1999 roAATTsuse.de- update to 1.0.3
* Wed Feb 17 1999 roAATTsuse.de- added .so.2 link
* Fri Jan 22 1999 roAATTsuse.de- bump version to 2.1.0 (the version of the installed library)
* Fri Mar 20 1998 roAATTsuse.de- extracted package from libgr tree update to version 1.0.1
  
ICM