Revisions of libpng16
- Backport patch to fix PAC/BTI support on aarch64: * 563.patch (forwarded request 1180119 from Guillaume_G)
- version update to 1.6.43 * Fixed the row width check in png_check_IHDR(). This corrected a bug that was specific to the 16-bit platforms, and removed a spurious compiler warning from the 64-bit builds. (Reported by Jacek Caban; fixed by John Bowler) * Added eXIf chunk support to the push-mode reader in pngpread.c. (Contributed by Chris Blume) * Added contrib/pngexif for the benefit of the users who would like to inspect the content of eXIf chunks. * Added contrib/conftest/basic.dfa, a basic build-time configuration. (Contributed by John Bowler) * Fixed a preprocessor condition in pngread.c that broke build-time configurations like contrib/conftest/pngcp.dfa. (Contributed by John Bowler) * Added CMake build support for LoongArch LSX. (Contributed by GuXiWei) * Fixed a CMake build error that occurred under a peculiar state of the dependency tree. This was a regression introduced in libpng-1.6.41. (Contributed by Dan Rosser) * Marked the installed libpng headers as system headers in CMake. (Contributed by Benjamin Buch) * Updated the build support for RISCOS. (Contributed by Cameron Cawley) * Updated the makefiles to allow cross-platform builds to initialize conventional make variables like AR and ARFLAGS. * Added various improvements to the CI scripts in areas like version consistency verification and text linting. * Added version consistency verification to pngtest.c also.
Update libpng to 1.6.42 (forwarded request 1147257 from yannboyer_dev)
- fixes [bsc#1121624] CVE-2019-6129 and [bsc#1124211] CVE-2019-7317
- Update to version 1.6.40: * Fixed the eXIf chunk multiplicity checks. * Fixed a memory leak in pCAL processing. * Corrected the validity report about tRNS inside png_get_valid(). * Fixed various build issues on *BSD, Mac and Windows. * Updated the configurations and the scripts for continuous integration. * Cleaned up the code, the build scripts, and the documentation. (forwarded request 1094720 from pluskalm)
- do not use NEON instructions [bsc#1211176]
- Fix license tag to libpng-2.0. (forwarded request 1080481 from fcrozat)
- Fix build: some*.la files are symlinks. Adjust spec to use find -type f,l (forwarded request 1062444 from dimstar)
- Update to version 1.6.39: * cmake: Default to PNG_ARM_NEON=off for arm targets. + Turn large PNG chunks into benign errors. + Update, rename and clean up various scripts. + tools: Fix a buffer overflow involving a file name in pngfix. + tools: Fix a memory leak in pngcp. (forwarded request 1038184 from dimstar)
Automatic submission by obs-autosubmit
- install rpm macros in %{_rpmmacrodir} [bsc#1185661] - call spec-cleaner
Enable SSE optimizations. They are not enabled by default in configure-based builds (see the INSTALL file). (forwarded request 878383 from llunak)
- make check actually works under asan - version update to 1.6.37 Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free. Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette. Fixed a memory leak in pngtest.c. Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in contrib/pngminus; refactor. Changed the license of contrib/pngminus to MIT; refresh makefile and docs. (Contributed by Willem van Schaik) Added makefiles for AddressSanitizer-enabled builds. - deleted patches - libpng-arm-free.patch (upstreamed)
- fix arm build [bsc#1121829] + libpng-arm-free.patch - asan_build: build ASAN included - debug_build: build more suitable for debugging, install pngcp
- update to 1.6.36: Replaced the remaining uses of png_size_t with size_t (Cosmin) Fixed the calculation of row_factor in png_check_chunk_length (reported by Thuan Pham in SourceForge issue #278) Added missing parentheses to a macro definition (suggested by "irwir" in GitHub issue #216) Optimized png_do_expand_palette for ARM processors. Improved performance by around 10-22% on a recent ARM Chromebook. (Contributed by Richard Townsend, ARM Holdings) Fixed manipulation of machine-specific optimization options. (Contributed by Vicki Pfau) Used memcpy instead of manual pointer arithmetic on Intel SSE2. (Contributed by Samuel Williams) Fixed build errors with MSVC on ARM64. (Contributed by Zhijie Liang) Fixed detection of libm in CMakeLists. (Contributed by Cameron Cawley) Fixed incorrect creation of pkg-config file in CMakeLists. (Contributed by Kyle Bentley) Fixed the CMake build on Windows MSYS by avoiding symlinks. Fixed a build warning on OpenBSD. (Contributed by Theo Buehler) Fixed various typos in comments. (Contributed by "luz.paz") Raised the minimum required CMake version from 3.0.2 to 3.1. Removed yet more of the vestigial support for pre-ANSI C compilers. Removed ancient makefiles for ancient systems that have been broken across all previous libpng-1.6.x versions. Removed the Y2K compliance statement and the export control information.
- security update: * CVE-2018-13785 [bsc#1100687] + libpng16-CVE-2018-13785.patch
- %{libname} package provides libpng = %{version} again [bsc#1079342]
- check with -j1 - Fix SRPM group and grammar issues. - removed obsoleted Obsoletes - update to 1.6.34: * Removed contrib/pngsuite/i*.png; some of these were incorrect and caused test failures. - includes 1.6.33: * Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added missing parenthesis in contrib/pngminus/pnm2png.c * Fixed off-by-one error in png_do_check_palette_indexes() * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc to fix shortlived oss-fuzz issue 3234. * Compute a larger limit on IDAT because some applications write a deflate buffer for each row * Use current date (DATE) instead of release-date (RDATE) in last changed date of contrib/oss-fuzz files. * Enabled ARM support in CMakeLists.txt * Fixed incorrect typecast of some arguments to png_malloc() and png_calloc() that were png_uint_32 instead of png_alloc_size_t * Use pnglibconf.h.prebuilt when building for ANDROID with cmake * Initialize memory allocated by png_inflate to zero, using memset, to stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2() due to truncated iTXt or zTXt chunk. * Initialize memory allocated by png_read_buffer to zero, using memset, to stop an oss-fuzz "use of uninitialized value" detection in png_icc_check_tag_table() due to truncated iCCP
- update to 1.6.31: * Guard the definition of _POSIX_SOURCE in pngpriv.h. * Revised pngpriv.h to work around failure to compile arm/filter_neon.S. * Added "Requires: zlib" to libpng.pc.in. * Added special case for FreeBSD in arm/filter_neon.S. * Changed "int" to "png_size_t" in intel/filter_sse2.c to prevent possible integer overflow. * Added eXIf chunk support. - remove upstreamed 0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch
Displaying revisions 1 - 20 of 55