Changelog |
* Fri Sep 29 2017 Paul Howarth <paul@city-fan.org> - 1.0.69-1
- Update to 1.069
- Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added missing
parenthesis in contrib/pngminus/pnm2png.c
- Compute a larger limit on IDAT because some applications write a deflate
buffer for each row
- Initialize memory allocated by png_inflate to zero, using memset, to stop
an oss-fuzz "use of uninitialized value" detection in png_set_text_2() due
to truncated iTXt or zTXt chunk
* Fri Aug 25 2017 Paul Howarth <paul@city-fan.org> - 1.0.68-1
- Update to 1.068
- Added png_check_chunk_length() function, and check all chunks except IDAT
against the default 8MB limit; check IDAT against the maximum size computed
from IHDR parameters
- Check for 0 return from png_get_rowbytes() and added some (size_t)
typecasts in contrib/pngmi to stop some Coverity issues (162705, 162706
and 162707)
- Specify explictly-used build requirements
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.67-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.67-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Jun 20 2017 Paul Howarth <paul@city-fan.org> - 1.0.67-3
- Update source URL (#1459086)
- Drop EL-5 support
- Drop BuildRoot: and Group: tags
- Drop explicit buildroot cleaning in %install section
- Drop explicit %clean section
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.67-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Dec 30 2016 Paul Howarth <paul@city-fan.org> - 1.0.67-1
- Update to 1.0.67
- Fix typos in libpng.3 synopses
- Fixed undefined behavior in png_push_save_buffer(); do not call memcpy()
with a null source, even if count is zero
- Fixed a potential null pointer dereference in png_set_text_2()
(CVE-2016-10087)
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.66-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Dec 18 2015 Paul Howarth <paul@city-fan.org> - 1.0.66-1
- Update to 1.0.66
- Fixed an out-of-range read in png_check_keyword() (CVE-2015-8540)
- Corrected copyright dates in source files
- Moved png_check_keyword() from pngwutil.c to pngset.c
* Fri Dec 04 2015 Paul Howarth <paul@city-fan.org> - 1.0.65-1
- Update to 1.0.65
- Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(),
png_handle_sPLT(), and png_handle_pCAL()
- Fixed incorrect implementation of png_set_PLTE() that uses png_ptr, not
info_ptr, which left png_set_PLTE() open to the CVE-2015-8126 vulnerability
(CVE-2015-8472)
- Discontinued distributing tar.bz2 archives
- Discontinued distributing libpng-oldversion-newversion-diff.txt
- Switch back to gzipped tarball as upstream is no longer providing the bzipped
version
* Thu Nov 12 2015 Paul Howarth <paul@city-fan.org> - 1.0.64-1
- Update to 1.0.64
- Fix typecast in a png_debug2() statement in png_set_text_2() to avoid a
compiler warning in PNG_DEBUG builds
- Fixed printf formats in pngtest.c to avoid compiler warnings and a Coverity
warning in PNG_DEBUG builds
- Avoid Coverity issue 80858 (REVERSE NULL) in pngtest.c PNG_DEBUG builds
- Removed WRITE_WEIGHTED_FILTERED code
- Avoid potentially dereferencing NULL info_ptr in png_info_init_3()
- Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
- Use nanosleep() instead of usleep() in contrib/gregbook/rpng2-x.c because
usleep() is deprecated (port from libpng16)
- Fixed some bad links in the man page
- Added a safety check in png_set_tIME() (CVE-2015-7981)
- Prevent writing over-length PLTE chunk (CVE-2015-8126)
- Silently truncate over-length PLTE chunk while reading (CVE-2015-8126)
- Clarified COPYRIGHT information to state explicitly that versions are
derived from previous versions
- Removed much of the long list of previous versions from png.h and libpng.3
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.63-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri Feb 27 2015 Paul Howarth <paul@city-fan.org> - 1.0.63-1
- Update to 1.0.63
- Issue a png_error() instead of a png_warning() when width is potentially
too large for the architecture, in case the calling application has
overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and
CVE-2015-0973)
- Quieted some harmless warnings from Coverity-scan
- Display user limits in the output from pngtest (not packaged)
- Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000; it only
affects the maximum memory that can be allocated to an ancillary chunk,
and does not limit the size of IDAT data, which is instead limited by
PNG_USER_WIDTH_MAX
- Rebuilt configure scripts with automake-1.15 and libtool-2.4.6
- Update soname patch
* Fri Nov 21 2014 Paul Howarth <paul@city-fan.org> 1.0.62-1
- update to 1.0.62
- avoid out-of-bounds memory access while checking version string in
pngread.c and pngwrite.c
- build fix for Windows
- use %license where possible
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.61-3
- rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.61-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Feb 07 2014 Paul Howarth <paul@city-fan.org> 1.0.61-1
- update to 1.0.61
- ignore, with a warning, out-of-range value of num_trans in png_set_tRNS()
- replaced AM_CONFIG_HEADER(config.h) with AC_CONFIG_HEADERS([config.h]) in
configure.ac
- changed default value of PNG_USER_CACHE_MAX from 0 to 32767 in pngconf.h
- avoid a possible memory leak in contrib/gregbook/readpng.c
- revised libpng.3 so that "doclifter" can process it
- changed '"%s"m' to '"%s" m' in png_debug macros to improve portability
among compilers
- rebuilt the configure scripts with autoconf-2.69 and automake-1.14.1
- removed potentially misleading warning from png_check_IHDR()
- quiet set-but-not-used warnings in pngset.c
- quiet an uninitialized memory warning from VC2013 in png_get_png()
- quiet unused variable warnings from clang by porting PNG_UNUSED() from
libpng-1.4.6
- added -DZ_SOLO to CFLAGS in contrib/pngminim/*/makefile
- added an #ifdef PNG_FIXED_POINT_SUPPORTED/#endif in pngset.c
- drop upstreamed aarch64 patch
- drop patch for CVE-2013-6954, which only actually affected libpng versions
1.6.1 to 1.6.7
* Thu Jan 23 2014 Paul Howarth <paul@city-fan.org> 1.0.60-6
- handle zero-length PLTE chunk or NULL palette with png_error(), to avoid
later reading from a NULL pointer (png_ptr->palette) in
png_do_expand_palette() (CVE-2013-6954)
* Sat Jul 27 2013 Paul Howarth <paul@city-fan.org> 1.0.60-5
- install docs to %{_pkgdocdir} where available
* Sun Mar 24 2013 Paul Howarth <paul@city-fan.org> 1.0.60-4
- tweak config.guess and config.sub to add aarch64 support (#925862)
- update source URL, moved upstream
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.60-3
- rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.60-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jul 11 2012 Paul Howarth <paul@city-fan.org> 1.0.60-1
- update to 1.0.60
- changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386
* Thu Mar 29 2012 Paul Howarth <paul@city-fan.org> 1.0.59-1
- update to 1.0.59
- revised png_set_text_2() to avoid potential memory corruption
(CVE-2011-3048)
- prevent PNG_EXPAND+PNG_SHIFT doing the shift twice
* Fri Mar 09 2012 Paul Howarth <paul@city-fan.org> 1.0.58-1
- update to 1.0.58
- fix bug with png_handle_hIST with odd chunk length
- fix incorrect type (int copy should be png_size_t copy) in png_inflate()
(CVE-2011-3045)
- fix off-by-one bug in png_handle_sCAL() when using fixed point arithmetic,
causing out-of-bounds read in png_set_sCAL() because of failure to copy
the string terminators
- remove the png_free() of unused png_ptr->current_text from pngread.c
- remove all of the assembler code from pnggccrd.c and just "return 2;"
* Sun Feb 19 2012 Paul Howarth <paul@city-fan.org> 1.0.57-1
- update to 1.0.57 (fixed CVE-2011-3026 buffer overrun bug)
* Thu Jan 05 2012 Paul Howarth <paul@city-fan.org> 1.0.56-2
- rebuilt for gcc 4.7
* Sat Jul 09 2011 Paul Howarth <paul@city-fan.org> 1.0.56-1
- update to 1.0.56
- fix regression in Makefile.am/Makefile.in
- fix "make distcheck"
- drop upstreamed fix for libpng.sym build failure
* Thu Jul 07 2011 Paul Howarth <paul@city-fan.org> 1.0.55-1
- update to 1.0.55
- fixed uninitialized memory read in png_format_buffer()
(CVE-2011-2501, related to CVE-2004-0421)
- pass "" instead of '\0' to png_default_error() in png_err() (CVE-2011-2691)
- check for up->location !PNG_AFTER_IDAT when writing unknown chunks before
IDAT
- ported bugfix in pngrtran.c from 1.5.3: when expanding a paletted image,
always expand to RGBA if transparency is present
- check for integer overflow in png_set_rgb_to_gray() (CVE-2011-2690)
- check for sCAL chunk too short (CVE-2011-2692)
- drop upstreamed patch for CVE-2011-2501
- add patch to fix build failure due to regression in libpng.sym creation
* Wed Jun 29 2011 Paul Howarth <paul@city-fan.org> 1.0.54-3
- fix 1-byte uninitialized memory reference in png_format_buffer()
(CVE-2011-2501, related to CVE-2004-0421)
- nobody else likes macros for commands
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.54-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Jul 02 2010 Paul Howarth <paul@city-fan.org> 1.0.54-1
- update to 1.0.54
- fixes CVE-2010-1205 (out-of-bounds write to memory)
- fixes CVE-2010-2249 (memory leak with images having malformed sCAL chunks)
* Thu Feb 25 2010 Paul Howarth <paul@city-fan.org> 1.0.53-1
- update to 1.0.53
- fixes CVE-2010-0205 (libpng stalls on highly compressed ancillary chunks)
- drop patch for #555485, included upstream
* Fri Jan 15 2010 Paul Howarth <paul@city-fan.org> 1.0.52-2
- add upstream fix reinstating PNG_READ_16_TO_8_SUPPORTED and
PNG_READ_GRAY_TO_RGB_SUPPORTED (not defined in 1.0.51 and 1.0.52),
causing API/ABI regressions (#555485)
* Mon Jan 04 2010 Paul Howarth <paul@city-fan.org> 1.0.52-1
- update to 1.0.52 (minor changes, see ANNOUNCE for details)
* Thu Dec 03 2009 Paul Howarth <paul@city-fan.org> 1.0.51-1
- update to 1.0.51 (see ANNOUNCE for details)
- update soname patch to apply to 1.0.51
* Fri Sep 11 2009 Paul Howarth <paul@city-fan.org> 1.0.50-1
- update to 1.0.50 (garbage removal patch upstreamed)
* Thu Sep 10 2009 Paul Howarth <paul@city-fan.org> 1.0.49-1
- update to 1.0.49 (minor bugfixes)
- patch out garbage in source files left over from edit gone wrong
* Thu Aug 13 2009 Paul Howarth <paul@city-fan.org> 1.0.48-1
- update to 1.0.48
- avoid a possible NULL dereference in debug build, in png_set_text_2()
- reject attempt to write iCCP chunk with negative embedded profile length
- rebase soname patch to remove fuzz
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.47-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jul 17 2009 Paul Howarth <paul@city-fan.org> 1.0.47-1
- update to 1.0.47 (changes to unknown chunk handling and documentation)
* Thu Jun 18 2009 Paul Howarth <paul@city-fan.org> 1.0.46-1
- garbage removal patch upstreamed
* Thu Jun 18 2009 Paul Howarth <paul@city-fan.org> 1.0.45-2
- patch out garbage in devel config files left over from edit gone wrong
* Thu Jun 04 2009 Paul Howarth <paul@city-fan.org> 1.0.45-1
- update to 1.0.45 (mainly cosmetic code changes)
* Fri May 08 2009 Paul Howarth <paul@city-fan.org> 1.0.44-1
- update to 1.0.44 (fix possible UMR/memory leak issues, revise fflush() usage)
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.0.43-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Thu Feb 19 2009 Paul Howarth <paul@city-fan.org> 1.0.43-1
- update to 1.0.43 (#486355, CVE-2009-0040 - clear pointer arrays created using
png_malloc())
* Fri Dec 19 2008 Paul Howarth <paul@city-fan.org> 1.0.42-1
- update to 1.0.42 (#480321, CVE-2008-5907 - various minor bugfixes and code
cleanups, not really a security issue)
* Fri Oct 31 2008 Paul Howarth <paul@city-fan.org> 1.0.41-1
- update to 1.0.41 (#468990, CVE-2008-6218 - memory leak after reading a
malformed tEXt chunk)
* Fri Sep 19 2008 Paul Howarth <paul@city-fan.org> 1.0.40-1
- update to 1.0.40 (#461599, CVE-2008-3964 - multiple off-by-one errors
allowing context-dependent attackers to cause a denial of service (crash) or
have unspecified other impact via a PNG image with crafted zTXt chunks)
* Thu Aug 21 2008 Paul Howarth <paul@city-fan.org> 1.0.39-1
- update to 1.0.39
* Sun Aug 17 2008 Paul Howarth <paul@city-fan.org> 1.0.38-1
- update to 1.0.38
- update soname patch to apply without fuzz
* Fri May 09 2008 Paul Howarth <paul@city-fan.org> 1.0.37-1
- update to 1.0.37
- autotools patch no longer needed
- explicitly specify the library filename in %files as a consistency check
* Wed Apr 30 2008 Paul Howarth <paul@city-fan.org> 1.0.34-1
- update to 1.0.34
- update autotools patch
* Wed Apr 30 2008 Paul Howarth <paul@city-fan.org> 1.0.33-1
- update to 1.0.33 (CVE-2008-1382, #441839)
- add patch to fix broken autotools build scripts
* Thu Apr 03 2008 Paul Howarth <paul@city-fan.org> 1.0.32-1
- update to 1.0.32
* Tue Feb 19 2008 Paul Howarth <paul@city-fan.org> 1.0.31-1
- update to 1.0.31
* Wed Feb 13 2008 Paul Howarth <paul@city-fan.org> 1.0.30-2
- rebuild with gcc 4.3.0 for Fedora 9
* Tue Oct 16 2007 Paul Howarth <paul@city-fan.org> 1.0.30-1
- update to 1.0.30
* Fri Oct 05 2007 Paul Howarth <paul@city-fan.org> 1.0.29-1
- update to 1.0.29 (fixes DoS issue, #327791, CVE-2007-5269)
* Tue Sep 11 2007 Paul Howarth <paul@city-fan.org> 1.0.28-1
- update to 1.0.28
* Mon Aug 20 2007 Paul Howarth <paul@city-fan.org> 1.0.27-1
- update to 1.0.27
- add new file ANNOUNCE, which lists changes since last release
- use shortname "zlib" for the license tag (package is zlib/libpng licensed)
- drop pkgconf patch, which should no longer be needed
* Sun May 20 2007 Paul Howarth <paul@city-fan.org> 1.0.26-1
- update to 1.0.26 to address DoS issue (#240398, CVE-2007-2445)
- update soname patch
- libpng.txt now has a versioned filename
* Sun Mar 25 2007 Paul Howarth <paul@city-fan.org> 1.0.21-2
- Own directory %{_docdir}/%{name}-%{version} (#233869)
- Describe license as "zlib/libpng" rather than just "zlib"
* Sat Nov 18 2006 Paul Howarth <paul@city-fan.org> 1.0.21-1
- update to 1.0.21 to address DoS issue (#216263, CVE-2006-5793)
- update soname patch
* Sun Oct 01 2006 Paul Howarth <paul@city-fan.org> 1.0.20-4
- rebuild with latest toolchain
* Tue Aug 01 2006 Paul Howarth <paul@city-fan.org> 1.0.20-3
- reenable %{_smp_mflags}
- use patched configure script rather than old Makefiles
* Thu Jul 20 2006 Paul Howarth <paul@city-fan.org> 1.0.20-2
- don't use %{_smp_mflags}
* Thu Jul 06 2006 Paul Howarth <paul@city-fan.org> 1.0.20-1
- update to 1.0.20
- use Fedora Extras standard buildroot
- update URL
- include release in fully versioned dependency between devel and main pkgs
- wrap description text at 80 columns
- don't build static libraries
- devel package requires pkgconfig
- unpack tarball quietly
- update rhconf patch
- move doc files libpng.txt and example.c to devel package
- add doc Y2KINFO
- changed license tag from "OSI Certified" to "zlib License"
(see http://www.opensource.org/licenses/zlib-license.php)
- minor cosmetic spec file changes
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.0.18-3.2.1
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.0.18-3.2
- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Sun Jul 31 2005 Florian La Roche <laroche@redhat.com>
- build with newest rpm, rm -f libpng.so
* Wed Mar 02 2005 Matthias Clasen <mclasen@redhat.com> - 1.0.18-2
- Rebuild with gcc4
* Mon Dec 06 2004 Matthias Clasen <mclasen@redhat.com> - 1.0.18-1
- Update to 1.0.18
* Tue Aug 17 2004 Matthias Clasen <mclasen@redhat.com> - 1.0.16-1
- Update to 1.0.16
- Combine rhconf patches
- Include LICENSE
* Wed Aug 04 2004 Matthias Clasen <mclasen@redhat.com> 1.0.15-9
- Build for FC3
* Fri Jul 23 2004 Matthias Clasen <mclasen@redhat.com> 1.0.15-8
- Build for FC2
* Fri Jul 23 2004 Matthias Clasen <mclasen@redhat.com> 1.0.15-7
- Replace the patches for individual security problems with the
cumulative patch issued by the png developers.
- Build for FC1
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Mon Jun 14 2004 Matthias Clasen <mclasen@redhat.com> - 1.0.15-5
- Rebuilt for FC2
* Mon Jun 14 2004 Matthias Clasen <mclasen@redhat.com> - 1.0.15-4
- Rebuilt for FC1
* Mon Jun 14 2004 Matthias Clasen <mclasen@redhat.com> - 1.0.15-3
- Reinstate and improve the transfix patch which got lost sometime ago,
but is still needed for CAN-2002-1363 (#125934)
* Wed May 19 2004 Matthias Clasen <mclasen@redhat.com> 1.0.15-2
- Don't provide libpng-devel (#110161)
* Wed May 19 2004 Matthias Clasen <mclasen@redhat.com> 1.0.15-1
- 1.0.15
- Update rhconf2 patch
- Remove bogus badchunks patch (#89854)
* Mon May 03 2004 Matthias Clasen <mclasen@redhat.com> 1.0.13-13
- Redo the out-of-bounds fix in a slightly better way.
* Wed Apr 21 2004 Matthias Clasen <mclasen@redhat.com> 1.0.13-12
- Bump release number to disambiguate n-v-rs.
* Mon Apr 19 2004 Matthias Clasen <mclasen@redhat.com>
- fix a possible out-of-bounds read in the error message
handler. #121229
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Mon Jun 09 2003 Elliot Lee <sopwith@redhat.com>
- This package has no epochs! remove usage thereof
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Tue Jun 03 2003 Jeff Johnson <jbj@redhat.com>
- add explicit epoch's where needed.
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
- rebuilt
* Wed Jan 15 2003 Elliot Lee <sopwith@redhat.com> 1.0.13-7
- Bump & rebuild
* Fri Dec 13 2002 Elliot Lee <sopwith@redhat.com> 1.0.13-6
- Rebuild, merging in multilib change
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Sun May 26 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Thu May 23 2002 Elliot Lee <sopwith@redhat.com> 1.0.13-3
- The package totally broke the backwards compatibility that it was intended to provide.
Fixed by setting soname to libpng.so.2, and only tweaking the build (libpng*.{so,a}) files.
- Use _smp_mflags
- Fix rhconf patch because it was patching a symlink instead of the actual file.
- Don't provide libpng = {version}, because then the package conflicts with itself
* Thu May 09 2002 Jeremy Katz <katzj@redhat.com> 1.0.13-2
- rebuild
* Thu May 02 2002 Havoc Pennington <hp@redhat.com> 1.0.13-1
- upgrade to 1.0.13, plus patch tarball from libpng web site
- update rhconf patch to work with new makefiles
* Mon Mar 04 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.0.12-6
- Revert fix for #59988 as it introduces a worse problem, #60410
* Tue Feb 26 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.0.12-5
- Conflict with libpng < 1.2.0 (#59988)
* Wed Jan 30 2002 Bill Nottingham <notting@redhat.com> 1.0.12-4
- provide libpng = %{version}, libpng-devel = %{version}
* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Fri Jan 04 2002 Bill Nottingham <notting@redhat.com> 1.0.12-2
- add devel stuff (we may change this around later)
* Wed Sep 19 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.0.12-1
- initial compat package
|