- updated to 1.6.8:
Changed #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED in pngpread.c to
#ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED to be consistent with
what is in pngpriv.h.
Moved prototype for png_handle_unknown() in pngpriv.h outside of
the #ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED/#endif block.
Enabled WRITE_INVERT and WRITE_PACK in contrib/pngminim/encoder.
Fixed pngvalid 'fail' function declaration on the Intel C Compiler.
This reverts to the previous 'static' implementation and works round
the 'unused static function' warning by using PNG_UNUSED().
Handle zero-length PLTE chunk or NULL palette with png_error()
instead of png_chunk_report(), which by default issues a warning
rather than an error, leading to later reading from a NULL pointer
(png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
and VU#650142.
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=49
This commit is contained in:
Git OBS Bridge
parent
e8380fa090
commit
2c0f5fd121
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:13c9c853a9a600218fff9961658dc4f485ad2ef9b862315b434dd2fdbbe1f945
|
||||
size 873472
|
||||
@ -1,17 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.4.11 (GNU/Linux)
|
||||
|
||||
iQIcBAABAgAGBQJShR/HAAoJEPVJhL+hbGQPVucP/iiHX90XJtzpd21kAIsxjH6N
|
||||
2bx8t6z0lanHPX1MRSwqJNwwRVZiooS6Dx160a7MMIY8bhe78bCND2OqhUwGHlsH
|
||||
pKzjlfp84pqlAUqr7WOIlX9i+axUU185MOdyefnqYtvPwAsXzDnx55Q0EkfRmMHU
|
||||
I3wYF5HaYKHVr6QNsQbXlJF9OBIa/VyZIGomDn/01U+87xd1kCa5IAYWfadbCKxy
|
||||
Aw4upXWXEaRPXOc3Q6269RULBcqf2cuZ+v78rAZuyziIz2nHASxuU+JYdOYObB20
|
||||
dFu1dxMNyep2+cGKujOZHdaqh8BZJmAXADKm2nQTqv7RE0AlZvfZuSnSKJAllZd2
|
||||
j4uI/U2LK099OujF3+28QUiLlaTPm/B9RbVkjhcV4Djw23C9HBsgK1+0YuN8ruYl
|
||||
Y2NuHwszGRb9lsdaQRnmt363WrNPE+rpTQLjqR71VbrXzhLnfV7aEQ6ircK/ZCZ6
|
||||
mBYHNcNZHnLb2WRVHGu2nIzfFQ4iwD6BfPXobmS+B6mBaesfH8VaJ6obUvNN+tj8
|
||||
a3ELV3Cszjfji3wouNC3oq8YOtVVX+CFjt64m8XEEBJRrjyGVj8mlEKozvdwsZBV
|
||||
RgChp0jpefI3X59SCh39MULLIubdw7vfdpellOn0OKoKKjogyyJy5ijkYS03Gi4O
|
||||
tNsWyzsJCjf6rxOg1Hcu
|
||||
=OP9y
|
||||
-----END PGP SIGNATURE-----
|
||||
3
libpng-1.6.8.tar.xz
Normal file
3
libpng-1.6.8.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:24f73d8b5e1d74a9482c81b65c3f93f96c7da7ed0417b8a948a75d2d99133081
|
||||
size 876172
|
||||
17
libpng-1.6.8.tar.xz.asc
Normal file
17
libpng-1.6.8.tar.xz.asc
Normal file
@ -0,0 +1,17 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.4.11 (GNU/Linux)
|
||||
|
||||
iQIcBAABAgAGBQJSsw5jAAoJEPVJhL+hbGQPfWwP/0hmqxBUOACnfOLyyQoQxKAv
|
||||
PH62hdtGpwmnjUakb6DvHgAoIQla/UycGwBz0ZU7CluBS/xnD/JATYum3W/yRsv4
|
||||
pPxDtzI1Qw4kDwHUrwIlLsfUmg7Oor0RLMcAHHNitd/246AzEVsGPmr1agP+/y1a
|
||||
XJBFRILwPjMb0h2x0LoYb20t3FIdVeKGnTV76ls0AYc+hOCCOawP/JJi19mgN1lp
|
||||
RzM79U7F94+wWxAV43WXZhgaSheHJWQxoE1O+RPOAFWu5d7MBDPzT6Pzj4VoS7Tf
|
||||
k1zXx7bhbGUxYUKfyufo69TC8OgXtnWfUHum9oafPDq5AdQe5tBkg4fN28sxPAP5
|
||||
xG0LL1JGBgBdb26tAhQsNFOQJduoF30X/lBHcSPpyIbBumIkmWsNtqYTOHV/SZeA
|
||||
CPqmjjqPfk25Mmq0+a+SDg33HTi+HcH5bblrtWXNmWFGYvCGcSIsgT3JnLAO2QT9
|
||||
ymxT84yVh3rOVIPvkiDpgRI/jQ9T/B0FTQuV/4PSx9elggJmrvmwwGEc/DOd1Moe
|
||||
mkX063RV3bVGNn4k9RioVU4gBjmTseKlpvHRLd96mz9EwbB+DS4nS3YytFOT5pYj
|
||||
TY+xRfoSNDnHFEuTQ9wNVlL+P5s8cwsuVwjX5FPW9SFNgRABId4BIrJtb2djUXuE
|
||||
48KxmF5qpVkh7km9lKo7
|
||||
=Fkd6
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,3 +1,22 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 20 07:08:48 UTC 2013 - pgajdos@suse.com
|
||||
|
||||
- updated to 1.6.8:
|
||||
Changed #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED in pngpread.c to
|
||||
#ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED to be consistent with
|
||||
what is in pngpriv.h.
|
||||
Moved prototype for png_handle_unknown() in pngpriv.h outside of
|
||||
the #ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED/#endif block.
|
||||
Enabled WRITE_INVERT and WRITE_PACK in contrib/pngminim/encoder.
|
||||
Fixed pngvalid 'fail' function declaration on the Intel C Compiler.
|
||||
This reverts to the previous 'static' implementation and works round
|
||||
the 'unused static function' warning by using PNG_UNUSED().
|
||||
Handle zero-length PLTE chunk or NULL palette with png_error()
|
||||
instead of png_chunk_report(), which by default issues a warning
|
||||
rather than an error, leading to later reading from a NULL pointer
|
||||
(png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
|
||||
and VU#650142.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 2 09:35:17 UTC 2013 - pgajdos@suse.com
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
#
|
||||
%define major 1
|
||||
%define minor 6
|
||||
%define micro 7
|
||||
%define micro 8
|
||||
%define branch %{major}%{minor}
|
||||
%define libname libpng%{branch}-%{branch}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user