openSUSE Build Service

Dominique Leuenberger (dimstar_suse) accepted request 1153775 from

Petr Gajdos (pgajdos) 9 months ago (revision 41)

- Use %autosetup macro. Allows to eliminate the usage of deprecated
  %patchN (forwarded request 1153773 from pgajdos)

Dominique Leuenberger (dimstar_suse) accepted request 976250 from

Factory Maintainer (factory-maintainer) over 2 years ago (revision 40)

Automatic submission by obs-autosubmit

Dominique Leuenberger (dimstar_suse) accepted request 715992 from

Petr Gajdos (pgajdos) over 5 years ago (revision 39)

- version update to 1.2.59
  Added png_check_chunk_length() function, and check all chunks except
    IDAT against the default 8MB limit; check IDAT against the maximum
    size computed from IHDR parameters (Fixes CVE-2017-12652).
  Initialize memory allocated by png_inflate to zero, using memset, to
    stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2()
    due to truncated iTXt or zTXt chunk.

Dominique Leuenberger (dimstar_suse) committed over 6 years ago (revision 38)

Needed for steam

Dominique Leuenberger (dimstar_suse) accepted request 587550 from

Cristian Rodríguez (elvigia) over 6 years ago (revision 37)

fixed all packages that required this, other than the defunct LSB thing, it can be safely dropped from factory.

Dominique Leuenberger (dimstar_suse) accepted request 571332 from

Petr Gajdos (pgajdos) almost 7 years ago (revision 36)

- check with -j1, be explicit

- Fix SRPM group and grammar issues.

Dominique Leuenberger (dimstar_suse) accepted request 448476 from

Petr Gajdos (pgajdos) almost 8 years ago (revision 35)

- updated to 1.2.57: fixes CVE-2016-10087

Dominique Leuenberger (dimstar_suse) accepted request 349409 from

Petr Gajdos (pgajdos) almost 9 years ago (revision 34)

- updated to 1.2.56:
  Fixed an out-of-range read in png_check_keyword() (Bug report from
    Qixue Xiao, CVE-2015-8540).
  Added keyword checks to pngset.c

Dominique Leuenberger (dimstar_suse) accepted request 347338 from

Petr Gajdos (pgajdos) almost 9 years ago (revision 33)

- updated to 1.2.55:
  Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(),
    png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr).
  Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
    not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
    vulnerability.

Stephan Kulow (coolo) accepted request 345349 from

Factory Maintainer (factory-maintainer) almost 9 years ago (revision 32)

Automatic submission by obs-autosubmit

Dominique Leuenberger (dimstar_suse) accepted request 323167 from

Factory Maintainer (factory-maintainer) about 9 years ago (revision 31)

Automatic submission by obs-autosubmit

Dominique Leuenberger (dimstar_suse) accepted request 288036 from

Petr Gajdos (pgajdos) over 9 years ago (revision 30)

- updated to 1.2.53:
  Issue a png_error() instead of a png_warning() when width is
    potentially too large for the architecture, in case the calling
    application has overridden the default 1,000,000-column limit
    (fixes CVE-2014-9495 and CVE-2015-0973).
  Display user limits in the output from pngtest.
  Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000.
    This can only be changed at library-build time.  It only
    affects the maximum memory that can be allocated to an
    ancillary chunk; it does not limit the size of IDAT
    data, which is instead limited by PNG_USER_WIDTH_MAX.

Dominique Leuenberger (dimstar_suse) accepted request 281974 from

Petr Gajdos (pgajdos) almost 10 years ago (revision 29)

- Fix CVE-2013-7354.patch, include limits.h for INT_MAX (forwarded request 281971 from olh)

Dominique Leuenberger (dimstar_suse) accepted request 262527 from

Petr Gajdos (pgajdos) almost 10 years ago (revision 28)

- updated to 1.2.52:
  * Avoid out-of-bounds memory access while checking version string.

Adrian Schröter (adrianSuSE) committed about 10 years ago (revision 27)

Split 13.2 from Factory

Stephan Kulow (coolo) accepted request 232699 from

Factory Maintainer (factory-maintainer) over 10 years ago (revision 26)

Automatic submission by obs-autosubmit

Tomáš Chvátal (scarabeus_factory) accepted request 221208 from

Petr Gajdos (pgajdos) almost 11 years ago (revision 25)

- updated to 1.2.51:
  Ignore, with a warning, out-of-range value of num_trans in png_set_tRNS().
  Replaced AM_CONFIG_HEADER(config.h) with
     AC_CONFIG_HEADERS([config.h]) in configure.ac
  Changed default value of PNG_USER_CACHE_MAX from 0 to 32767 in pngconf.h.
  Avoid a possible memory leak in contrib/gregbook/readpng.c
  Revised libpng.3 so that "doclifter" can process it.
  Changed '"%s"m' to '"%s" m' in png_debug macros to improve portability
    among compilers.
  Rebuilt the configure scripts with autoconf-2.69 and automake-1.14.1
  Removed potentially misleading warning from png_check_IHDR().
  Quiet set-but-not-used warnings in pngset.c
  Quiet an uninitialized memory warning from VC2013 in png_get_png().
  Quiet unused variable warnings from clang by porting PNG_UNUSED() from
    libpng-1.4.6.
  Added -DZ_SOLO to CFLAGS in contrib/pngminim/*/makefile
  Added an #ifdef PNG_FIXED_POINT_SUPPORTED/#endif in pngset.c

Adrian Schröter (adrianSuSE) committed about 11 years ago (revision 24)

Split 13.1 from Factory

Stephan Kulow (coolo) accepted request 171338 from

Ismail Dönmez (namtrac) over 11 years ago (revision 23)

- add conflicts in -32bit package (forwarded request 171336 from coolo)

Adrian Schröter (adrianSuSE) committed almost 12 years ago (revision 22)

Split 12.3 from Factory

Places

Revisions of libpng12

Places