Revisions of pngcheck

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1149000 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 8)
- Use %autosetup macro. Allows to eliminate the usage of deprecated
  %patchN.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 940245 from Petr Gajdos's avatar Petr Gajdos (pgajdos) (revision 7)
- version update to 3.0.3
  * 20210124 GRR: released version 3.0.1
  *               ----------------------
  * 20201217 BB:  fixed a crash bug (and probable vulnerability) in large (MNG)
  *               LOOP chunks
  * 20210131 GRR: updated Makefile.mingw32 for modern versions and added
  *               Makefile.mingw64 (targets Win64); both are essentially
  *               UNTESTED, however!
  * 20210131 GRR: released version 3.0.2
  *               ----------------------
  * 20210416 BB:  fixed a divide-by-zero crash bug (and probable vulnerability)
  *               in interlaced images with extra compressed data beyond the
  *               nominal end of the image data (found by "chiba of topsec alpha
  *               lab")
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 859052 from Petr Gajdos's avatar Petr Gajdos (pgajdos) (revision 6)
- version update to 3.0.0
  * 20070709 GRR: tweaked color definitions slightly to work better on terminals
  *               with white/light backgrounds
  * 20070712 GRR: added Makefile.mingw32
  * 20100504 GRR: fixed DHDR (pre-MNG-1.0) bug identified by Winfried <szukw000@arcor.de>
  * 20170713 GRP: added eXIf support (GRR: added check for II/MM/unknown format)
  * 20201012 BB:  converted static const help/usage-related strings to macros so
  *               -Werror=format-security doesn't trigger (Ben Beasley)
  * 20201015 BB:  added (help2man-generated) man pages for all three utils
  * 20201017 GRR: added top-level LICENSE file; fixed various compiler warnings
  * 20201031 GRR: replaced gpl/COPYING (outdated address, references to Library
  *               GPL) with https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
  *               (thanks to Ben Beasley for catching that)
  * 20201113 BB:  fixed buffer-overflow vulnerability discovered by "giantbranch
  *               of NSFOCUS Security Team"
  *               https://bugzilla.redhat.com/show_bug.cgi?id=1897485
  * 20201128 BB:  found and fixed four additional vulnerabilities (null-pointer
  *               dereference and three buffer overruns)
  * 20201209 LP:  fixed an off-by-one bug in check_magic() (Lucy Phipps)
  * 20201209 LL:  converted two zlib-version warnings/errors to go to stderr
  *               (Lemures Lemniscati, actually from 20180318; forwarded by LP)
  * 20201210 BB:  fixed another buffer-overflow vulnerability discovered by
  *               "giantbranch of NSFOCUS Security Team"
  *               https://bugzilla.redhat.com/show_bug.cgi?id=1905775
  * 20201212 GRR: removed -f ("force") option due to multiple security issues
- modified patches
  % fixbuild.diff (refreshed)
- deleted patches
  - pngcheck-CVE-2020-27818.patch (upstreamed)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 852889 from Petr Gajdos's avatar Petr Gajdos (pgajdos) (revision 5)
- security update
- added patches
  fix CVE-2020-27818 [bsc#1179528], global buffer overflow was discovered in check_chunk_name function via crafted pngfile
  + pngcheck-CVE-2020-27818.patch
Adrian Schröter's avatar Adrian Schröter (adrianSuSE) committed (revision 3)
Split 13.2 from Factory
Adrian Schröter's avatar Adrian Schröter (adrianSuSE) committed (revision 2)
Split 13.1 from Factory
Displaying all 8 revisions
openSUSE Build Service is sponsored by