Accepting request 416808 from home:susnux:branches:graphics

Update to 1.6.23
Some possible security fixes.

OBS-URL: https://build.opensuse.org/request/show/416808
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=81

libpng-1.6.22.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6b5a6ad5c5801ec4d24aacc87a0ed7b666cd586478174f69368a1d7747715226
-size 958976

libpng-1.6.22.tar.xz.asc

@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAABAgAGBQJXRuzxAAoJEPVJhL+hbGQPQzUP/jmOI6EBMi+O1kyq+Bio8hL+
-i5Bs5MPGoUxRUcNNWTFVdFfvmXiJtTkAycCoxFJp1ysU4fEPhZ/0U/kvvk+DwzIZ
-zPLXzD9YTeYOi+TAkVbnl0eLI1CJYA7bHlRROv/+Q6mFYnAROweyyzAuZfX3JwQd
-hkN/ugq60Tz7wumtLzz/d0ZGZmBwmq7VDsKLgKC1tksxpmNUjFXKfHwJtsA5FH4T
-dEbz7L9kFuWPrRA/E9rD5sRXxP6Tekqamho+3LNOwI90bkULlBcsOlbctw40yxTJ
-AznmJCXMg3hVyNtLGcEsPlyI/1NOi9DTA8T0Dxj9zRW9b36nPtGAze1oOfk0XYjV
-nBGuP5MJmBP5w+nxohCgAevp/XH0LGr9H/tO/TLZcQ/GTcqFyLASHXBNK6JuQwTK
-YYs77NkBHaaODptZZ1GqPv7AzwKmLhHzjWjm1u93LLlNb8rbpkOdYXbQ5/KKdQOh
-OXpk0g1P0oB1AY62/k82GnHnukULxn5MxWnvCasjfYMKvLWFMOOMIqhwDRXRXTR/
-0TBDAg4F+o053o/wu6ym46UI5EDmvkk7Bv4EN+iFhawtwGztJNnz7XIXA9aDx8vh
-nd2C8Cmt8R5KZaHRVY0ZrGU/Og0S3m3cgfWiYK9wu9z11rPLuOnYFZZ1p+Bn0Lb6
-kJhcMjWGY9WT6hhk9lek
-=QkFl
------END PGP SIGNATURE-----

libpng-1.6.23.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6d921e7bdaec56e9f6594463ec1fe1981c3cd2d5fc925d3781e219b5349262f1
+size 961520

libpng-1.6.23.tar.xz.asc

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQIcBAABAgAGBQJXWVlfAAoJEPVJhL+hbGQPma8QAPosNmfqgIP+5cvaheoxpb6N
+u6mhl9vrv0/p0q0z1Wzd7viu1Nhd4/Mq9jLoUkpn5Kh49JBA2PCKpLVKUtdFNb9y
+fXDb0Cr6Fm+iE0tvK7HEk3w+U2/TNc2llt6G5ftEVvHXedrXqcUubvo84f+a2bRA
+OqDXqwuUfMcf9pMEg4WxjqJ/WoPr/XkLC5ixWjA1LqPJ8E8nlLg8r03HdebQT93x
+4M0z0HNr20mjUOeCc5JhFWNzJWMDBh60B9GdfQtBSCzTsO/onVNaaTziKI1v9Ef8
+N4sReAi0d4lTkIFjvCoxALyE6QPMaOSA+fp3HYr2ALen83rX3S2DCmcxdQxRMnXN
+qkS0uB2oue3ZGLrKHxu8Xhme8YEyo8IQVs3tYZkiqiRJsNz7MJQ7bg4mz9jT3Ae7
+F3B/T9pDr6HiPj08k8wURUtZeQmfU4M5WXadBnhxhmcatynCpwf/QJK/i/twfI4T
+gajOIyQqHrm6OIaGxG+0gtJG3/mdiftYfyz3280sy0RLDeshyYcx7BEQRLzFp/k3
+zWGUDaO0gyfY5DJibM899a93Z1no5Vkyy1H9lIh4/V5j6eTc+5/dT5mFMbEVTJlX
+36yyYB+izY/r4KtkgCT0KgaTCA8zP8cZCQAPFM1F0OGvZwYZfjUpRlWZlxT2KI9P
+d3d1fcsy9IWU3lZmEk3R
+=0nta
+-----END PGP SIGNATURE-----

libpng16.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Aug  3 22:30:08 UTC 2016 - rpm@fthiessen.de
+
+- Update to new upstream release 1.6.23
+  * Fixes a potential memleak in png_set_tRNS.
+  * Fixed the progressive reader to handle empty first IDAT
+    chunk properly.
+  * Added tests in pngvalid.c to check zero-length IDAT chunks
+    in various positions.
+  * Fixed the sequential reader to handle these more robustly.
+  * Corrected progressive read input buffer in pngvalid.c.
+  * Moved sse2 prototype from pngpriv.h to
+    contrib/intel/intel_sse.patch.
+  * Fixed undefined behavior in png_push_save_buffer().
+    Do not call memcpy() with a null source, even if count is zero.
+  * Fixed bad link to RFC2083 in png.5.
+
 -------------------------------------------------------------------
 Thu May 26 14:55:11 UTC 2016 - pgajdos@suse.com
 

libpng16.spec

@@ -19,7 +19,7 @@
 #
 %define major   1
 %define minor   6
-%define micro   22
+%define micro   23
 %define branch  %{major}%{minor}
 %define libname libpng%{branch}-%{branch}