2012-02-20 10:52:44 +01:00
|
|
|
#
|
|
|
|
|
# spec file for package libpng16
|
|
|
|
|
#
|
2019-01-28 12:50:38 +01:00
|
|
|
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
2012-02-20 10:52:44 +01:00
|
|
|
#
|
|
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
2018-12-31 10:48:16 +01:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2012-02-20 10:52:44 +01:00
|
|
|
#
|
|
|
|
|
|
|
|
|
|
|
2019-01-14 15:31:27 +01:00
|
|
|
%define debug_build 0
|
|
|
|
|
%define asan_build 0
|
|
|
|
|
|
2012-02-20 10:52:44 +01:00
|
|
|
%define major 1
|
|
|
|
|
%define minor 6
|
2018-12-31 10:48:16 +01:00
|
|
|
%define micro 36
|
2012-02-20 10:52:44 +01:00
|
|
|
%define branch %{major}%{minor}
|
|
|
|
|
%define libname libpng%{branch}-%{branch}
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
%define debug_package_requires %{libname} = %{version}-%{release}
|
2012-02-20 10:52:44 +01:00
|
|
|
Name: libpng16
|
|
|
|
|
Version: %{major}.%{minor}.%{micro}
|
|
|
|
|
Release: 0
|
|
|
|
|
Summary: Library for the Portable Network Graphics Format (PNG)
|
|
|
|
|
License: Zlib
|
2018-01-31 09:52:07 +01:00
|
|
|
Group: Development/Libraries/C and C++
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
Url: http://www.libpng.org/pub/png/libpng.html
|
2019-01-28 12:50:38 +01:00
|
|
|
Patch0: libpng-arm-free.patch
|
2018-12-31 10:48:16 +01:00
|
|
|
Source0: http://prdownloads.sourceforge.net/libpng/libpng-%{version}.tar.xz
|
2013-07-18 10:08:00 +02:00
|
|
|
Source2: libpng16.keyring
|
|
|
|
|
Source3: rpm-macros.libpng-tools
|
|
|
|
|
Source4: baselibs.conf
|
2012-02-20 10:52:44 +01:00
|
|
|
BuildRequires: libtool
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
BuildRequires: pkgconfig
|
2012-02-20 10:52:44 +01:00
|
|
|
BuildRequires: zlib-devel
|
|
|
|
|
|
|
|
|
|
%package -n %{libname}
|
|
|
|
|
Summary: Library for the Portable Network Graphics Format (PNG)
|
2017-01-02 12:10:07 +01:00
|
|
|
Group: System/Libraries
|
2018-02-05 16:36:37 +01:00
|
|
|
Provides: libpng = %{version}
|
2012-02-20 10:52:44 +01:00
|
|
|
|
|
|
|
|
%package devel
|
2018-01-31 09:52:07 +01:00
|
|
|
Summary: Development tools for applications which will use libpng
|
2012-02-20 10:52:44 +01:00
|
|
|
Group: Development/Libraries/C and C++
|
2013-03-18 12:54:03 +01:00
|
|
|
Requires: %{libname} = %{version}
|
|
|
|
|
Requires: glibc-devel
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
Requires: pkgconfig
|
2013-03-18 12:54:03 +01:00
|
|
|
Requires: zlib-devel
|
2012-02-20 10:52:44 +01:00
|
|
|
Recommends: libpng%{branch}-compat-devel
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
%package compat-devel
|
2018-01-31 09:52:07 +01:00
|
|
|
Summary: Development tools for applications which will use libpng
|
2012-02-20 10:52:44 +01:00
|
|
|
Group: Development/Libraries/C and C++
|
|
|
|
|
Requires: libpng%{branch}-devel = %{version}
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
Conflicts: libpng-devel
|
2012-02-20 10:52:44 +01:00
|
|
|
Provides: libpng-devel = %{version}
|
|
|
|
|
Obsoletes: libpng-devel < 1.2.44
|
|
|
|
|
|
2013-07-18 10:08:00 +02:00
|
|
|
%package tools
|
|
|
|
|
Summary: Tools for Manipulating PNG Images
|
|
|
|
|
Group: Productivity/Graphics/Other
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
Conflicts: libpng-tools
|
2013-07-18 10:08:00 +02:00
|
|
|
Provides: libpng-tools = %{version}
|
|
|
|
|
|
2012-02-20 10:52:44 +01:00
|
|
|
%description
|
|
|
|
|
libpng is the official reference library for the Portable Network
|
|
|
|
|
Graphics format (PNG).
|
|
|
|
|
|
|
|
|
|
%description -n %{libname}
|
|
|
|
|
libpng is the official reference library for the Portable Network
|
|
|
|
|
Graphics format (PNG).
|
|
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
|
The libpng%{branch}-devel package includes the header files, libraries,
|
|
|
|
|
configuration files and development tools necessary for compiling and
|
|
|
|
|
linking programs which will manipulate PNG files using libpng%{branch}.
|
|
|
|
|
|
|
|
|
|
libpng is the official reference library for the Portable Network
|
|
|
|
|
Graphics (PNG) format.
|
|
|
|
|
|
|
|
|
|
%description compat-devel
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
The libpng%{branch}-compat-devel package contains unversioned symlinks
|
|
|
|
|
to the header files, libraries, configuration files and development
|
|
|
|
|
tools necessary for compiling and linking programs that don't care
|
2012-02-20 10:52:44 +01:00
|
|
|
about libpng version.
|
|
|
|
|
|
2013-07-18 10:08:00 +02:00
|
|
|
%description tools
|
|
|
|
|
Package consists of low level tools for manipulating and fixing particular
|
|
|
|
|
PNG files.
|
|
|
|
|
|
2012-02-20 10:52:44 +01:00
|
|
|
%prep
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
%setup -q -n libpng-%{version}
|
2019-01-28 12:50:38 +01:00
|
|
|
%patch0 -p1
|
2012-02-20 10:52:44 +01:00
|
|
|
|
|
|
|
|
%build
|
2015-01-13 17:59:41 +01:00
|
|
|
# PNG_SAFE_LIMITS_SUPPORTED: http://www.openwall.com/lists/oss-security/2015/01/10/1
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
export CFLAGS="%{optflags} -O3 -DPNG_SAFE_LIMITS_SUPPORTED -DPNG_SKIP_SETJMP_CHECK $(getconf LFS_CFLAGS)"
|
2013-06-22 23:47:51 +02:00
|
|
|
export LDFLAGS="-Wl,-z,relro,-z,now"
|
2019-01-14 15:31:27 +01:00
|
|
|
%if %{debug_build}
|
|
|
|
|
export CFLAGS="$CFLAGS -O0"
|
|
|
|
|
%endif
|
2013-06-22 23:47:51 +02:00
|
|
|
%configure \
|
2015-08-07 16:20:27 +02:00
|
|
|
--disable-static
|
2019-01-14 15:31:27 +01:00
|
|
|
%if %{asan_build}
|
|
|
|
|
sed -i -e 's/^\(CFLAGS.*\)$/\1 -fsanitize=address/' \
|
|
|
|
|
-e 's/\(^LIBS =.*\)/\1 -lasan/' Makefile
|
|
|
|
|
%endif
|
2013-06-22 23:47:51 +02:00
|
|
|
make %{?_smp_mflags}
|
2012-02-20 10:52:44 +01:00
|
|
|
|
|
|
|
|
%check
|
2019-01-14 15:31:27 +01:00
|
|
|
%if %{asan_build}
|
|
|
|
|
# ASAN needs /proc to be mounted
|
|
|
|
|
exit 0
|
|
|
|
|
%endif
|
2018-01-31 10:58:12 +01:00
|
|
|
make -j1 check
|
2012-02-20 10:52:44 +01:00
|
|
|
|
|
|
|
|
%install
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
%make_install
|
|
|
|
|
rm %{buildroot}/%{_libdir}/libpng*.la
|
2013-07-18 10:08:00 +02:00
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/rpm
|
|
|
|
|
cp -a %{SOURCE3} \
|
|
|
|
|
%{buildroot}%{_sysconfdir}/rpm/macros.libpng-tools
|
2019-01-14 15:31:27 +01:00
|
|
|
%if %{debug_build} ||%{asan_build}
|
|
|
|
|
install -m755 .libs/pngcp %{buildroot}/%{_bindir}
|
|
|
|
|
%endif
|
2012-02-20 10:52:44 +01:00
|
|
|
|
|
|
|
|
%post -n %{libname} -p /sbin/ldconfig
|
|
|
|
|
%postun -n %{libname} -p /sbin/ldconfig
|
|
|
|
|
|
|
|
|
|
%files -n %{libname}
|
|
|
|
|
%{_libdir}/libpng%{branch}.so.*
|
|
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
|
%{_bindir}/libpng%{branch}-config
|
|
|
|
|
%{_includedir}/libpng%{branch}
|
|
|
|
|
%{_libdir}/libpng%{branch}.so
|
|
|
|
|
%{_libdir}/pkgconfig/libpng%{branch}.pc
|
|
|
|
|
%doc CHANGES README TODO ANNOUNCE LICENSE libpng-*.txt
|
|
|
|
|
|
|
|
|
|
%files compat-devel
|
|
|
|
|
%{_bindir}/libpng-config
|
|
|
|
|
%{_includedir}/*.h
|
|
|
|
|
%{_libdir}/libpng.so
|
|
|
|
|
%{_libdir}/pkgconfig/libpng.pc
|
Accepting request 570288 from home:avindra
- update to 1.6.34:
* Removed contrib/pngsuite/i*.png; some of these were incorrect
and caused test failures.
- includes 1.6.33:
* Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
missing parenthesis in contrib/pngminus/pnm2png.c
* Fixed off-by-one error in png_do_check_palette_indexes()
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
to fix shortlived oss-fuzz issue 3234.
* Compute a larger limit on IDAT because some applications write
a deflate buffer for each row
* Use current date (DATE) instead of release-date (RDATE) in last
changed date of contrib/oss-fuzz files.
* Enabled ARM support in CMakeLists.txt
* Fixed incorrect typecast of some arguments to png_malloc() and
png_calloc() that were png_uint_32 instead of png_alloc_size_t
* Use pnglibconf.h.prebuilt when building for ANDROID with cmake
* Initialize memory allocated by png_inflate to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_set_text_2() due to truncated iTXt or zTXt
chunk.
* Initialize memory allocated by png_read_buffer to zero, using
memset, to stop an oss-fuzz "use of uninitialized value"
detection in png_icc_check_tag_table() due to truncated iCCP
chunk.
* Removed redundant tests
* Added an interlaced version of each file in contrib/pngsuite.
* Relocate new memset() call in pngrutil.c
* Add support for loading images with associated alpha in the
Simplified API
* Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
state
* Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
* Add end_info structure and png_read_end() to the libpng fuzzer
- includes 1.6.32:
* Avoid possible NULL dereference in png_handle_eXIf when
benign_errors are allowed. Avoid leaking the input buffer
"eXIf_buf".
* Eliminated png_ptr->num_exif member from pngstruct.h and added
num_exif to arguments for png_get_eXIf() and png_set_eXIf().
* Added calls to png_handle_eXIf(() in pngread.c and
png_write_eXIf() in pngwrite.c, and made various other fixes
to png_write_eXIf().
* Changed name of png_get_eXIF and png_set_eXIf() to
png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
breaking API compatibility with libpng-1.6.31.
* Updated contrib/libtests/pngunknown.c with eXIf chunk.
* Initialized btoa[] in pngstest.c
* Stop memory leak when returning from png_handle_eXIf() with an
error
* Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
* Update libpng.3 and libpng-manual.txt about eXIf functions.
* Restored png_get_eXIf() and png_set_eXIf() to maintain API
compatability.
* Removed png_get_eXIf_1() and png_set_eXIf_1().
* Check length of all chunks except IDAT against user limit to
fix an OSS-fuzz issue (Fixes CVE-2017-12652)
* Check length of IDAT against maximum possible IDAT size,
accounting for height, rowbytes, interlacing and zlib/deflate
overhead.
* Restored png_get_eXIf_1() and png_set_eXIf_1(), because
strlen(eXIf_buf) does not work (the eXIf chunk data can
contain zeroes).
* Revised symlink creation, no longer using deprecated cmake
LOCATION feature
* Fixed five-byte error in the calculation of IDAT maximum
possible size.
* Moved chunk-length check into a png_check_chunk_length()
private function
* Moved bad pngs from tests to contrib/libtests/crashers
* Moved testing of bad pngs into a separate
tests/pngtest-badpngs script
* Added the --xfail (expected FAIL) option to pngtest.c. It
writes XFAIL in the output but PASS for the libpng test.
* Require cmake-3.0.2 in CMakeLists.txt
* Fix "const" declaration info_ptr argument to png_get_eXIf_1()
and the num_exif argument to png_get_eXIf_1()
* Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
* Added huge_IDAT.png and empty_ancillary_chunks.png to
testpngs/crashers.
* Make pngtest --strict, --relax, --xfail options imply -m
(multiple).
* Removed unused chunk_name parameter from png_check_chunk_length().
* Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
leak.
* Initialize profile_header[] in png_handle_iCCP() to fix
OSS-fuzz issue.
* Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
OSS-fuzz UMR.
* Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
* Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
to account for the minimum 'deflate' stream, and relocate the
test to a point after the keyword has been read.
* Check that the eXIf chunk has at least 2 bytes and begins with
"II" or "MM".
* Added a set of "huge_xxxx_chunk.png" files to
contrib/testpngs/crashers, one for each known chunk type, with
length = 2GB-1.
* Check for 0 return from png_get_rowbytes() and added some
(size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
issues (162705, 162706, and 162707).
* Renamed chunks in contrib/testpngs/crashers to avoid having
files whose names differ only in case; this causes problems with
some platforms
* Added contrib/oss-fuzz directory which contains files used by
the oss-fuzz project
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/570288
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=102
2018-01-29 07:59:18 +01:00
|
|
|
%{_mandir}/man3/libpng.3%{ext_man}
|
|
|
|
|
%{_mandir}/man3/libpngpf.3%{ext_man}
|
|
|
|
|
%{_mandir}/man5/png.5%{ext_man}
|
2012-02-20 10:52:44 +01:00
|
|
|
|
2013-07-18 10:08:00 +02:00
|
|
|
%files tools
|
|
|
|
|
%{_bindir}/png-fix-itxt
|
|
|
|
|
%{_bindir}/pngfix
|
2019-01-14 15:31:27 +01:00
|
|
|
%if %{debug_build} || %{asan_build}
|
|
|
|
|
%{_bindir}/pngcp
|
|
|
|
|
%endif
|
2013-07-18 10:08:00 +02:00
|
|
|
%{_sysconfdir}/rpm/macros.libpng-tools
|
|
|
|
|
|
2012-02-20 10:52:44 +01:00
|
|
|
%changelog
|
