- update to 1.6.26:

Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo,
    bugfix by John Bowler).
  Do not issue a png_error() on read in png_set_pCAL() because
    png_handle_pCAL has allocated memory that libpng needs to free.
  Issue a png_benign_error instead of a png_error on ADLER32 mismatch
    while decoding compressed data chunks.
  Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and
    pngrutil.c.
  If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE,
    ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs.
  Issue png_benign_error() on ADLER32 checksum mismatch instead of
    png_error().
  Updated the documentation about CRC and ADLER32 handling.
  Fixed offsets in contrib/intel/intel_sse.patch
  Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h
    to avoid a signed/unsigned compare in the preprocessor.
  Use zlib-1.2.8.1 inflateValidate() instead of inflateReset2() to
    optionally avoid ADLER32 evaluation.

OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=86

libpng-1.6.25.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:09fe8d8341e8bfcfb3263100d9ac7ea2155b28dd8535f179111c1672ac8d8811
-size 982204

libpng-1.6.25.tar.xz.asc

@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAABAgAGBQJXx6RXAAoJEPVJhL+hbGQPzmUQAI9B14hLR+6nNZWZ5owYq+UP
-Yb3nWJJXniAj69MC/gKsNqJUjJcAwSYbw+Gbh7Y4AHevpAoNRUpFCVFkD5eLmgH6
-V8wseRNm74TJUp0sz3NEKSWuEIfvBBNSUR1CMqBC/YCn7Ow4cglLz5DXjr4qEaPE
-Nur7qsROHFzZFFdEc626wEWzQZ0fao6p4sdvsdqay7e+8nxchyMXwPgyXciKEpSd
-35yp/hUhHvQ9W8gWdfCUNHfNsAaTT0Eti0Jq2J+8nPIp+D2Rj0CPBkH+DtOpQDGc
-ZgJZy46jy70PsjHoaxOla6J/OURoab10NvtEpE2C5GqrRhW3Fq2HB5Ey3oHDlDpO
-xTzG3buLEtYvpKCzNMqoQUbgX8bcSpkDBTucVPtrY0JVgWUHWIFrHqJFCqBkrD8F
-KUny8BqUGnTs1WQ+Nd3TVIx6tjHXgjMiu4gZc2J3V0hHrUBYrGFgzrx0yr++LR6N
-Xr73OUDSIU/XZ/WQgQ7Zp0XYfrgV0YiCUdcJiTJ4qOI69hTNjeV3zpveu8aGCNzf
-TJ6F/YJowbFnvxyGGxCoZrYnXorTRyVhqMhqBvKu0hyl9fC+f95mPLyelUR7hPVV
-BwtwM4pq/vIE0ZBrmAJxdhYirUQd0tp6cjuxKVftbtmK2rv/fh2cIUh2fFPfTEXC
-RLiU1jQ8ouGP1BN/Iyet
-=rnSm
------END PGP SIGNATURE-----

libpng-1.6.26.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:266743a326986c3dbcee9d89b640595f6b16a293fd02b37d8c91348d317b73f9
+size 983576

libpng-1.6.26.tar.xz.asc

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQIcBAABAgAGBQJYCBZzAAoJEPVJhL+hbGQPvpEP/1WksEMqpKn1w18pbYzTEUe0
++7WaHKj07Z8zOneYRKdEp3xPtEfvJOS3n+Qr6yqaXo9+SewoKCvagT2B6RhEPeBe
+lpSofPxz3NRqIrD85DRf+BSAky709qYfCXGlNxWoVGCv9r1vDZTOxiUyz+gZkHot
+KuFKNSxTkRGgiFDLl/1ffL1WFv6rEsqQQh5Z54gia8n/z4MAjkxQorwsIVMKPFTw
+KJqWgKpccKSFdBunBdOoHuIbAg871rLdA3ZCR4EOdLBEGyp8APp0Vgfftma1exzF
+oU6ExlTBceBg8jZFwesQISLZMpClyuZrfrI5FEaADWHSmnv7OqJW8H+HyTxt+JFq
+4HCJa0ftLuH6QVmEMnssrq4Ey7Mel6I28nZcUMFyhDdzRJaipwnrfP2zw+X40I+q
+NlELebAdrtBjtOQyr1MrRV50Q8oFcK/+TfMtEaosVGxPnMRmhzmKM/golawFEInK
+gaAGzSm5kSaxtn7Mis2nLiYqE+dbi5qOIKQIedUfxZ92HaKKjGMiXgvru8WPTxZ6
+QRciRsIdHfwxdblUMzjt8SpT1H2UH4zJr/DcPt2YrJYARi5n830XqvzDfVQO9J5R
+Uew/8av0Nch0Oco+OuivAybOJ9b41oOXFyh/iY7ocqqXwQJltskjN1KwdRZeP4Ny
+NjmcKKFtWnvf8M8bEZ0R
+=Ktgv
+-----END PGP SIGNATURE-----

libpng16.changes

@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Thu Oct 20 06:12:20 UTC 2016 - pgajdos@suse.com
+
+- update to 1.6.26:
+  Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo,
+    bugfix by John Bowler).
+  Do not issue a png_error() on read in png_set_pCAL() because
+    png_handle_pCAL has allocated memory that libpng needs to free.
+  Issue a png_benign_error instead of a png_error on ADLER32 mismatch
+    while decoding compressed data chunks.
+  Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and
+    pngrutil.c.
+  If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE,
+    ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs.
+  Issue png_benign_error() on ADLER32 checksum mismatch instead of
+    png_error().
+  Updated the documentation about CRC and ADLER32 handling.
+  Fixed offsets in contrib/intel/intel_sse.patch
+  Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h
+    to avoid a signed/unsigned compare in the preprocessor.
+  Use zlib-1.2.8.1 inflateValidate() instead of inflateReset2() to
+    optionally avoid ADLER32 evaluation.
+
 -------------------------------------------------------------------
 Thu Sep  1 08:37:41 UTC 2016 - pgajdos@suse.com
 

libpng16.spec

@@ -19,7 +19,7 @@
 #
 %define major   1
 %define minor   6
-%define micro   25
+%define micro   26
 %define branch  %{major}%{minor}
 %define libname libpng%{branch}-%{branch}
 
@@ -44,8 +44,8 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %package -n %{libname}
 Summary:        Library for the Portable Network Graphics Format (PNG)
-Group:          System/Libraries
 # bug437293
+Group:          System/Libraries
 %ifarch ppc64
 Obsoletes:      libpng-64bit
 %endif