Overview
Request 1187057 accepted
- fix CVE-2024-38526 [bsc#1227693] Polyfill Supplay Chain Attack
- version update to 11.7.0
* Release 11.07.00
+ libnetpbm: Fix double free crash when memory allocation via
REALLOCARRAY fails. Introduced in Netpbm 10.40 (September
2007).
+ libnetpbm: Allow color dictionary with more than 1000 entries.
+ ppmhist, ppmtoxpm: Work with color dictionary with more than
1000 color entries.
+ rgb.txt: Add Resene paint colors, 2010.
* Release 11.06.00
+ pamcut: add -reportonly.
+ infotopam: Add input validation.
+ infotopam: Remove input file name from messages. Add -verbose
and issue informational message only if it is specified.
+ libnetpbm: Don't ignore garbage at the end of a color specifier
(e.g. rgbi:0/.5/1xyz).
+ color database: change names of "Spring Green", "Lamp Black",
and "light grey" to "SpringGreen", "LampBlack", and "LightGrey"
to be consistent with other color names.
+ pamcut: fix incorrect output when rectangle to cut is entirely
above the input image. Invisible junk after image. Always
broken. (The ability to cut outside the input image was new in
pamcut's predecessor pnmcut in Netpbm 9.7 (August 2000).
+ pamcut: fix incorrect output with PBM input when rectangle to
cut is entirely below the input image. Invisible junk after
image. Broken in Netpbm 10.44 (September 2008).
+ ppmtowinicon: fix array overrun with 4 and 8 bits per pixel.
Broken in Netpbm 11.05 (December 2023).
Request History
pgajdos created request
- fix CVE-2024-38526 [bsc#1227693] Polyfill Supplay Chain Attack
- version update to 11.7.0
* Release 11.07.00
+ libnetpbm: Fix double free crash when memory allocation via
REALLOCARRAY fails. Introduced in Netpbm 10.40 (September
2007).
+ libnetpbm: Allow color dictionary with more than 1000 entries.
+ ppmhist, ppmtoxpm: Work with color dictionary with more than
1000 color entries.
+ rgb.txt: Add Resene paint colors, 2010.
* Release 11.06.00
+ pamcut: add -reportonly.
+ infotopam: Add input validation.
+ infotopam: Remove input file name from messages. Add -verbose
and issue informational message only if it is specified.
+ libnetpbm: Don't ignore garbage at the end of a color specifier
(e.g. rgbi:0/.5/1xyz).
+ color database: change names of "Spring Green", "Lamp Black",
and "light grey" to "SpringGreen", "LampBlack", and "LightGrey"
to be consistent with other color names.
+ pamcut: fix incorrect output when rectangle to cut is entirely
above the input image. Invisible junk after image. Always
broken. (The ability to cut outside the input image was new in
pamcut's predecessor pnmcut in Netpbm 9.7 (August 2000).
+ pamcut: fix incorrect output with PBM input when rectangle to
cut is entirely below the input image. Invisible junk after
image. Broken in Netpbm 10.44 (September 2008).
+ ppmtowinicon: fix array overrun with 4 and 8 bits per pixel.
Broken in Netpbm 11.05 (December 2023).
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
anag+factory set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:F"
darix accepted review
Accepted review for by_group opensuse-review-team request 1187057 from user anag+factory
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:F got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:F got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:F got accepted.
