diff --git a/libpng-1.6.34.tar.xz b/libpng-1.6.34.tar.xz deleted file mode 100644 index 37392a1..0000000 --- a/libpng-1.6.34.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2f1e960d92ce3b3abd03d06dfec9637dfbd22febf107a536b44f7a47c60659f6 -size 997968 diff --git a/libpng-1.6.34.tar.xz.asc b/libpng-1.6.34.tar.xz.asc deleted file mode 100644 index 12f0764..0000000 --- a/libpng-1.6.34.tar.xz.asc +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQIcBAABAgAGBQJZzghsAAoJEPVJhL+hbGQPxfAP/iNKJV+UC3f6zNE62jPCjNVg -Gx3pOhWHMw2+mkN8NxlI7L5qPRj/zJ2G0iso2CVXBRzcb21aNMZ+Jx4/mQ1p2qPT -olupBl3mug/zucdUVSxsN0g2i7/atvxHX3fjkCjoNsNpkcBWPGZFhE5yZZTYU5Oz -qNrfluwkV+jC2XWqMw/B40Mahw4LwmbvzXeduaBxxNXDM7nund0vsEdoGYeI/NZx -G106dg+hmalJq1084M+SHyOiDa4xh1CAdpeJnwaL1IMjsbzyALZezUxx2PqrwwVg -WgLuSfPRZjNBFLZJxCBM1Y49QiON90NQzdZqeCA+0nNDQZtQAKPEI/zGadWZHBKd -4H5d19VvmYo2dPsvBoK5t8QSXeSEreTGsryQcKRbNvbzxMSBNdHN/C6zg13Kuteg -1xyx9jTtS59Ir+oOkE9EhXSAhEp4baPzFqjIwK2NON6/+gv9BYywVwc6cTfCz2rR -NgXaxe5/8qCZCb1DM6ZmgbhlLtXUrOLED49zX5ndcHpGBAQx5HVj7GRNn6VcSw1U -Ljk+S9r2A7g/mEzNqzeHcqpMSCjSt59RpQXvDfTI7vF1lxRqmNGMG1W9Sjk0DKe7 -nPI7a/wAf6S8gU+VhPOHhj3I/B4e4IrBuwWj4NGaUO0RBbDwWYPXLrrDoMC7FBW7 -Z+dSb9Tb6/Ihc3NXkJFI -=qQuX ------END PGP SIGNATURE----- diff --git a/libpng-1.6.36.tar.xz b/libpng-1.6.36.tar.xz new file mode 100644 index 0000000..2217d1c --- /dev/null +++ b/libpng-1.6.36.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:eceb924c1fa6b79172fdfd008d335f0e59172a86a66481e09d4089df872aa319 +size 1012544 diff --git a/libpng16-CVE-2018-13785.patch b/libpng16-CVE-2018-13785.patch deleted file mode 100644 index f87c22b..0000000 --- a/libpng16-CVE-2018-13785.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: libpng-1.6.34/pngrutil.c -=================================================================== ---- libpng-1.6.34.orig/pngrutil.c 2017-09-29 10:40:57.000000000 +0200 -+++ libpng-1.6.34/pngrutil.c 2018-08-01 09:59:02.399741891 +0200 -@@ -3149,7 +3149,7 @@ png_check_chunk_length(png_const_structr - { - png_alloc_size_t idat_limit = PNG_UINT_31_MAX; - size_t row_factor = -- (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1) -+ ((size_t)png_ptr->width * (size_t)png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1) - + 1 + (png_ptr->interlaced? 6: 0)); - if (png_ptr->height > PNG_UINT_32_MAX/row_factor) - idat_limit=PNG_UINT_31_MAX; diff --git a/libpng16.changes b/libpng16.changes index 14139c3..660fd75 100644 --- a/libpng16.changes +++ b/libpng16.changes @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Mon Dec 31 09:41:53 UTC 2018 - Petr Gajdos + +- update to 1.6.36: + Replaced the remaining uses of png_size_t with size_t (Cosmin) + Fixed the calculation of row_factor in png_check_chunk_length + (reported by Thuan Pham in SourceForge issue #278) + Added missing parentheses to a macro definition + (suggested by "irwir" in GitHub issue #216) + Optimized png_do_expand_palette for ARM processors. + Improved performance by around 10-22% on a recent ARM Chromebook. + (Contributed by Richard Townsend, ARM Holdings) + Fixed manipulation of machine-specific optimization options. + (Contributed by Vicki Pfau) + Used memcpy instead of manual pointer arithmetic on Intel SSE2. + (Contributed by Samuel Williams) + Fixed build errors with MSVC on ARM64. + (Contributed by Zhijie Liang) + Fixed detection of libm in CMakeLists. + (Contributed by Cameron Cawley) + Fixed incorrect creation of pkg-config file in CMakeLists. + (Contributed by Kyle Bentley) + Fixed the CMake build on Windows MSYS by avoiding symlinks. + Fixed a build warning on OpenBSD. + (Contributed by Theo Buehler) + Fixed various typos in comments. + (Contributed by "luz.paz") + Raised the minimum required CMake version from 3.0.2 to 3.1. + Removed yet more of the vestigial support for pre-ANSI C compilers. + Removed ancient makefiles for ancient systems that have been broken + across all previous libpng-1.6.x versions. + Removed the Y2K compliance statement and the export control + information. + Applied various code style and documentation fixes. +- removed patches + * libpng16-CVE-2018-13785.patch (upstreamed) +- cannot find upstream tarball signature, asked upstream for + clarification + ------------------------------------------------------------------- Wed Aug 1 08:01:23 UTC 2018 - pgajdos@suse.com diff --git a/libpng16.spec b/libpng16.spec index fd34ecf..81bb922 100644 --- a/libpng16.spec +++ b/libpng16.spec @@ -12,14 +12,14 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # # %define major 1 %define minor 6 -%define micro 34 +%define micro 36 %define branch %{major}%{minor} %define libname libpng%{branch}-%{branch} %define debug_package_requires %{libname} = %{version}-%{release} @@ -30,12 +30,10 @@ Summary: Library for the Portable Network Graphics Format (PNG) License: Zlib Group: Development/Libraries/C and C++ Url: http://www.libpng.org/pub/png/libpng.html -Source0: ftp://ftp.simplesystems.org/pub/png/src/libpng16/libpng-%{version}.tar.xz -Source1: ftp://ftp.simplesystems.org/pub/png/src/libpng16/libpng-%{version}.tar.xz.asc +Source0: http://prdownloads.sourceforge.net/libpng/libpng-%{version}.tar.xz Source2: libpng16.keyring Source3: rpm-macros.libpng-tools Source4: baselibs.conf -Patch0: libpng16-CVE-2018-13785.patch BuildRequires: libtool BuildRequires: pkgconfig BuildRequires: zlib-devel @@ -97,7 +95,6 @@ PNG files. %prep %setup -q -n libpng-%{version} -%patch0 -p1 %build # PNG_SAFE_LIMITS_SUPPORTED: http://www.openwall.com/lists/oss-security/2015/01/10/1