libpng16

pool/libpng16

SHA256

Fork 1

b53cf97040 Accepting request 1219523 from graphics factory Dominique Leuenberger 2024-10-31 15:09:20 +0000
b5be536f5e - version update to 1.6.44: * Hardened calculations in chroma handling to prevent overflows, and relaxed a constraint in cHRM validation to accomodate the standard ACES AP1 set of color primaries. (Contributed by John Bowler) * Removed the ASM implementation of ARM Neon optimizations and updated the build accordingly. Only the remaining C implementation shall be used from now on, thus ensuring the support of the PAC/BTI security features on ARM64. (Contributed by Ross Burton and John Bowler) * Fixed the pickup of the PNG_HARDWARE_OPTIMIZATIONS option in the CMake build on FreeBSD/amd64. This is an important performance fix on this platform. * Applied various fixes and improvements to the CMake build. (Contributed by Eric Riff, Benjamin Buch and Erik Scholz) * Added fuzzing targets for the simplified read API. (Contributed by Mikhail Khachayants) * Fixed a build error involving pngtest.c under a custom config. This was a regression introduced in a code cleanup in libpng-1.6.43. (Contributed by Ben Wagner) * Fixed and improved the config files for AppVeyor CI and Travis CI. - Drop upstream patch: * 563.patch devel Petr Gajdos 2024-10-30 10:23:31 +0000
e94123dbda Accepting request 1194654 from graphics Ana Guerrero 2024-08-20 14:12:43 +0000
c0be9ffafa - Fix missing backslash Petr Gajdos 2024-08-19 07:39:31 +0000
cdb0b7f6f9 Accepting request 1180336 from graphics Ana Guerrero 2024-06-14 16:57:12 +0000
dcba818b5c - Backport patch to fix PAC/BTI support on aarch64: * 563.patch Petr Gajdos 2024-06-13 08:50:42 +0000
5350362fc7 Accepting request 1155898 from graphics Ana Guerrero 2024-03-08 17:07:47 +0000
d4ab427613 checkin Petr Gajdos 2024-03-07 12:37:01 +0000
7667049c2a Accepting request 1147522 from graphics Ana Guerrero 2024-02-21 16:51:51 +0000
6865cc196b Accepting request 1147257 from home:yannboyer_dev Petr Gajdos 2024-02-19 08:38:22 +0000
f68739b3f7 Accepting request 1138083 from graphics Ana Guerrero 2024-01-12 22:44:17 +0000
6a2e844fb9 - fixes [bsc#1121624] CVE-2019-6129 and [bsc#1124211] CVE-2019-7317 Petr Gajdos 2024-01-11 09:14:22 +0000
d32cd36eea Accepting request 1094850 from graphics Dominique Leuenberger 2023-06-24 18:13:31 +0000
65cbf1f0a9 Accepting request 1094720 from home:pluskalm:branches:graphics Petr Gajdos 2023-06-23 10:55:10 +0000
3946498b5d Accepting request 1087176 from graphics Dominique Leuenberger 2023-05-16 12:15:47 +0000
e7ad2c9d7b - do not use NEON instructions [bsc#1211176] Petr Gajdos 2023-05-15 07:31:22 +0000
dc50fe740a Accepting request 1080488 from graphics Dominique Leuenberger 2023-04-21 12:15:44 +0000
7f2791a459 Accepting request 1080481 from home:fcrozat:branches:graphics Petr Gajdos 2023-04-20 07:31:42 +0000
d303d46d33 Accepting request 1062455 from graphics Dominique Leuenberger 2023-02-02 17:07:37 +0000
8fab1a6c5e Accepting request 1062444 from home:dimstar:Factory Petr Gajdos 2023-02-01 13:25:02 +0000
7ba6a54afe Accepting request 1062412 from home:dirkmueller:Factory Petr Gajdos 2023-02-01 09:28:53 +0000
4e82b1b65e Accepting request 1038197 from graphics Dominique Leuenberger 2022-11-26 17:45:07 +0000
85fafee4d4 Accepting request 1038184 from home:dimstar:Factory Petr Gajdos 2022-11-25 12:19:00 +0000
d69bcdca2d Accepting request 1007169 from graphics Dominique Leuenberger 2022-10-03 11:44:20 +0000
2dd89d15a5 Accepting request 1007088 from home:dirkmueller:Factory Stephan Kulow 2022-09-30 07:03:18 +0000
be71ef1692 Accepting request 976272 from graphics Dominique Leuenberger 2022-05-12 20:58:12 +0000
b5e69da6cc - switch source url to https Marcus Meissner 2022-05-04 09:10:56 +0000
248fcca93e Accepting request 890905 from graphics Dominique Leuenberger 2021-05-08 20:07:10 +0000
49208e9728 OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=123 Petr Gajdos 2021-05-06 07:41:07 +0000
d9882e71dd - install rpm macros in %{_rpmmacrodir} [bsc#1185661] - call spec-cleaner Petr Gajdos 2021-05-06 06:53:29 +0000
b23e801a3b Accepting request 878473 from graphics Richard Brown 2021-03-16 14:43:42 +0000
53b8c15b0b Accepting request 878383 from home:llunak:branches:graphics Petr Gajdos 2021-03-12 07:30:35 +0000
edf2d65594 Accepting request 694940 from graphics Dominique Leuenberger 2019-04-18 11:57:46 +0000
7550ad9f8d - make check actually works under asan Petr Gajdos 2019-04-17 06:29:38 +0000
94fadb06fa - version update to 1.6.37 Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free. Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette. Fixed a memory leak in pngtest.c. Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in contrib/pngminus; refactor. Changed the license of contrib/pngminus to MIT; refresh makefile and docs. (Contributed by Willem van Schaik) Added makefiles for AddressSanitizer-enabled builds. - deleted patches - libpng-arm-free.patch (upstreamed) Petr Gajdos 2019-04-15 15:03:17 +0000
003ccb84a9 Accepting request 669458 from graphics Stephan Kulow 2019-02-04 20:24:19 +0000
b7377afde8 OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=115 Petr Gajdos 2019-01-29 08:09:10 +0000
774495c1ae - fix arm build [bsc#1121829] + libpng-arm-free.patch Petr Gajdos 2019-01-28 11:50:38 +0000
2642e3f1d9 - asan_build: build ASAN included - debug_build: build more suitable for debugging, install pngcp Petr Gajdos 2019-01-14 14:31:27 +0000
1ac70aeccb Accepting request 662196 from graphics Dominique Leuenberger 2019-01-03 17:05:24 +0000
7d96e07570 - update to 1.6.36: Replaced the remaining uses of png_size_t with size_t (Cosmin) Fixed the calculation of row_factor in png_check_chunk_length (reported by Thuan Pham in SourceForge issue #278) Added missing parentheses to a macro definition (suggested by "irwir" in GitHub issue #216) Optimized png_do_expand_palette for ARM processors. Improved performance by around 10-22% on a recent ARM Chromebook. (Contributed by Richard Townsend, ARM Holdings) Fixed manipulation of machine-specific optimization options. (Contributed by Vicki Pfau) Used memcpy instead of manual pointer arithmetic on Intel SSE2. (Contributed by Samuel Williams) Fixed build errors with MSVC on ARM64. (Contributed by Zhijie Liang) Fixed detection of libm in CMakeLists. (Contributed by Cameron Cawley) Fixed incorrect creation of pkg-config file in CMakeLists. (Contributed by Kyle Bentley) Fixed the CMake build on Windows MSYS by avoiding symlinks. Fixed a build warning on OpenBSD. (Contributed by Theo Buehler) Fixed various typos in comments. (Contributed by "luz.paz") Raised the minimum required CMake version from 3.0.2 to 3.1. Removed yet more of the vestigial support for pre-ANSI C compilers. Removed ancient makefiles for ancient systems that have been broken across all previous libpng-1.6.x versions. Removed the Y2K compliance statement and the export control information. Petr Gajdos 2018-12-31 09:48:16 +0000
39ea93d749 Accepting request 626863 from graphics Dominique Leuenberger 2018-08-07 07:39:30 +0000
017efe162c - security update: * CVE-2018-13785 [bsc#1100687] + libpng16-CVE-2018-13785.patch Petr Gajdos 2018-08-01 08:04:03 +0000
b2d60cd160 Accepting request 573091 from graphics Dominique Leuenberger 2018-02-09 14:43:21 +0000
b4f19dc98b - %{libname} package provides libpng = %{version} again [bsc#1079342] Petr Gajdos 2018-02-05 15:36:37 +0000
9ffc4f8852 Accepting request 571330 from graphics Dominique Leuenberger 2018-02-01 20:26:04 +0000
dae74ca9f5 - check with -j1 Petr Gajdos 2018-01-31 09:58:12 +0000
967757aa6d Accepting request 571243 from home:jengelh:branches:graphics Petr Gajdos 2018-01-31 08:52:07 +0000
cb9da2686a - removed obsoleted Obsoletes Petr Gajdos 2018-01-30 15:32:56 +0000
e4eeecccf9 Accepting request 570288 from home:avindra Petr Gajdos 2018-01-29 06:59:18 +0000
096fdd65d9 Accepting request 514898 from graphics Yuchen Lin 2017-08-12 17:42:48 +0000
4f461efd3c - update to 1.6.31: * Guard the definition of _POSIX_SOURCE in pngpriv.h. * Revised pngpriv.h to work around failure to compile arm/filter_neon.S. * Added "Requires: zlib" to libpng.pc.in. * Added special case for FreeBSD in arm/filter_neon.S. * Changed "int" to "png_size_t" in intel/filter_sse2.c to prevent possible integer overflow. * Added eXIf chunk support. - remove upstreamed 0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch Petr Gajdos 2017-08-07 09:56:16 +0000
80e8487821 Accepting request 511589 from graphics Dominique Leuenberger 2017-07-30 09:25:32 +0000
d230136457 Accepting request 511457 from home:StefanBruens:branches:graphics Ismail Dönmez 2017-07-20 09:32:06 +0000
58b3c5b66a - Add 0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch Fix build on ARM Petr Gajdos 2017-07-17 08:50:16 +0000
1ffb7dbe30 Accepting request 509235 from home:Andreas_Schwab:Factory Petr Gajdos 2017-07-17 08:39:47 +0000
4023abfd2e Accepting request 507405 from graphics Dominique Leuenberger 2017-07-04 09:55:09 +0000
3063cf7ec4 - update to 1.6.30: Revised documentation of png_get_error_ptr() in the libpng manual. Document need to check for integer overflow when allocating a pixel buffer for multiple rows in contrib/gregbook, contrib/pngminus, example.c, and in the manual (suggested by Jaeseung Choi). This is similar to the bug reported against pngquant in CVE-2016-5735. Check for integer overflow in contrib/visupng and contrib/tools/genpng. Do not double evaluate CMAKE_SYSTEM_PROCESSOR in CMakeLists.txt. Avoid writing an empty IDAT when the last IDAT exactly fills the compression buffer (bug report by Brian Baird). This bug was introduced in libpng-1.6.0. Add a reference to the libpng.download site in README. Petr Gajdos 2017-06-30 15:52:07 +0000
59b260a575 Accepting request 480726 from graphics Dominique Leuenberger 2017-03-21 21:44:49 +0000
e223e90f15 - update to 1.6.29: Moved SSE2 optimization code into the main libpng source directory. Configure libpng with "configure --enable-intel-sse" or compile libpng with "-DPNG_INTEL_SSE" in CPPFLAGS to enable it. Added code for PowerPC VSX optimisation (Vadim Barkov). Avoid potential overflow of shift operations in png_do_expand() (Aaron Boxer). Petr Gajdos 2017-03-16 20:25:46 +0000
afd1c7eda7 Accepting request 448961 from graphics Dominique Leuenberger 2017-01-10 09:37:57 +0000
ad752ef1e0 - update to 1.6.28: fix build issues Petr Gajdos 2017-01-06 08:12:51 +0000
101773fe9a - update to 1.6.27: fixes CVE-2016-10087 Petr Gajdos 2017-01-02 11:10:07 +0000
8d20c28ae4 Accepting request 436633 from graphics Dominique Leuenberger 2016-10-23 10:49:58 +0000
be9aa799a6 OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=87 Petr Gajdos 2016-10-21 06:41:50 +0000
3e860acfee - update to 1.6.26: Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo, bugfix by John Bowler). Do not issue a png_error() on read in png_set_pCAL() because png_handle_pCAL has allocated memory that libpng needs to free. Issue a png_benign_error instead of a png_error on ADLER32 mismatch while decoding compressed data chunks. Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and pngrutil.c. If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE, ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs. Issue png_benign_error() on ADLER32 checksum mismatch instead of png_error(). Updated the documentation about CRC and ADLER32 handling. Fixed offsets in contrib/intel/intel_sse.patch Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h to avoid a signed/unsigned compare in the preprocessor. Use zlib-1.2.8.1 inflateValidate() instead of inflateReset2() to optionally avoid ADLER32 evaluation. Petr Gajdos 2016-10-20 06:18:51 +0000
282e4f3492 Accepting request 424160 from graphics Dominique Leuenberger 2016-09-07 09:40:56 +0000
48cdb19075 - update to 1.6.25: Reject oversized iCCP profile immediately. Conditionally compile png_inflate(). Don't install pngcp; it conflicts with pngcp in the pngtools package. Added MIPS support (Mandar Sahastrabuddhe < Petr Gajdos 2016-09-01 08:48:31 +0000
3c503bd315 Accepting request 416863 from graphics Dominique Leuenberger 2016-08-06 18:36:09 +0000
6bc0cde88a - update to 1.6.24: Avoid potential overflow of the PNG_IMAGE_SIZE macro. Correct filter heuristic overflow handling. Use a more efficient absolute value calculation on SSE2. Added pngcp. etc. see ANNOUNCE Petr Gajdos 2016-08-04 06:31:09 +0000
a6a00192a4 Accepting request 416808 from home:susnux:branches:graphics Petr Gajdos 2016-08-04 06:18:33 +0000
604e97a8bd Accepting request 398278 from graphics Dominique Leuenberger 2016-05-29 01:06:45 +0000
32b40ffb9f - update to 1.6.22: Added a png_image_write_to_memory() API and a number of assist macros to allow an application that uses the simplified API write to bypass stdio and write directly to memory. Relaxed limit checks on gamma values in pngrtran.c. As suggested in the comments gamma values outside the range currently permitted by png_set_alpha_mode are useful for HDR data encoding. These values are already permitted by png_set_gamma so it is reasonable caution to extend the png_set_alpha_mode range as HDR imaging systems are starting to emerge. Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that were accidentally removed from libpng-1.6.17. Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h (Robert C. Seacord). Added INTEL-SSE2 support (Mike Klein and Matt Sarett, Google, Inc.). SSE filter speed improvements for bpp=3: memcpy-free implementations of load3() / store3(). Added PNG_FAST_FILTERS macro (defined as PNG_FILTER_NONE|PNG_FILTER_SUB|PNG_FILTER_UP). Petr Gajdos 2016-05-26 15:01:34 +0000
5375ffbbf0 Accepting request 354392 from graphics Dominique Leuenberger 2016-01-23 00:16:00 +0000
e08ba90d0f Accepting request 354391 from home:jengelh:branches:graphics Ismail Dönmez 2016-01-17 14:57:18 +0000
9e790ed05a Accepting request 347335 from graphics Dominique Leuenberger 2015-12-09 18:33:24 +0000
5646b27ba7 - update to 1.6.20: Avoid potential pointer overflow/underflow in png_handle_sPLT() and png_handle_pCAL() (Bug report by John Regehr). Fixed incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 vulnerability. Backported tests from libpng-1.7.0beta69. Fixed an error in handling of bad zlib CMINFO field in pngfix, found by American Fuzzy Lop, reported by Brian Carpenter. inflate() doesn't immediately fault a bad CMINFO field; instead a 'too far back' error happens later (at least some times). pngfix failed to limit CMINFO to the allowed values but then assumed that window_bits was in range, triggering an assert. The bug is mostly harmless; the PNG file cannot be fixed. In libpng 1.6 zlib initialization was changed to use the window size in the zlib stream, not a fixed value. This causes some invalid images, where CINFO is too large, to display 'correctly' if the rest of the data is valid. This provides a workaround for zlib versions where the error arises (ones that support the API change to use the window size in the stream). Petr Gajdos 2015-12-03 15:14:24 +0000
0e7cee7f13 Accepting request 344157 from graphics Dominique Leuenberger 2015-11-17 13:21:24 +0000
35368c612d - update to 1.6.19: Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c Fixed uninitialized variable in contrib/gregbook/rpng2-x.c Fixed the recently reported 1's complement security issue. Fixed png_save_int_32 when int is not 2's complement by replacing the value that is illegal in the PNG spec, in both signed and unsigned values, with 0. etc., see ANNOUNCE and CHANGES for details - removed: libpng-rgb_to_gray-checks.patch (upstreamed) Petr Gajdos 2015-11-13 07:46:48 +0000
3d5d585ed5 Accepting request 323168 from graphics Dominique Leuenberger 2015-08-17 15:26:07 +0000
2d78fea3f9 - drop unknown configure switch Petr Gajdos 2015-08-07 14:20:27 +0000
450dc1e3a2 Accepting request 293905 from graphics Dominique Leuenberger 2015-04-07 07:27:42 +0000
2941154e3c - updated to 1.6.17: Petr Gajdos 2015-04-01 11:11:37 +0000
eaa7188047 - Fixed rgb_to_gray checks and added tRNS checks to pngvalid.c. + libpng-rgb_to_gray-checks.patch Petr Gajdos 2015-04-01 11:08:39 +0000
e5bea13bdb - updated to 1.6.27: Corrected the width limit calculation in png_check_IHDR(). Removed user limits from pngfix. Also pass NULL pointers to png_read_row to skip the unnecessary row de-interlace stuff. Implement previously untested cases of libpng transforms in pngvalid.c Fixed byte order in 2-byte filler, in png_do_read_filler(). Made the check for out-of-range values in png_set_tRNS() detect values that are exactly 2^bit_depth, and work on 16-bit platforms. Merged some parts of libpng-1.6.17beta01 and libpng-1.7.0beta47. Added #ifndef __COVERITY__ where needed in png.c, pngrutil.c and pngset.c to avoid warnings about dead code. Do not build png_product2() when it is unused. Display user limits in the output from pngtest. Eliminated the PNG_SAFE_LIMITS macro and restored the 1-million-column and 1-million-row default limits in pnglibconf.dfa, that can be reset by the user at build time or run time. This provides a more robust defense against DOS and as-yet undiscovered overflows. Added PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED macro, on by default. Allow user to call png_get_IHDR() with NULL arguments (Reuben Hawkins). Moved png_set_filter() prototype into a PNG_WRITE_SUPPORTED block of png.h. Free the unknown_chunks structure even when it contains no data. Fixed simplified 8-bit-linear to sRGB alpha. The calculated alpha value was wrong. It's not clear if this affected the final stored value; in the obvious code path the upper and lower 8-bits of the alpha value were identical and the alpha was truncated to 8-bits rather than dividing by 257 (John Bowler). Petr Gajdos 2015-03-30 07:13:45 +0000
f43a3f5d2a Accepting request 282344 from graphics Dominique Leuenberger 2015-01-23 15:18:57 +0000
356d4a7869 - build with PNG_SAFE_LIMITS_SUPPORTED [bnc#912076], [bnc#912929] Petr Gajdos 2015-01-13 16:59:41 +0000
c10b6a4b48 Accepting request 279946 from graphics Dominique Leuenberger 2015-01-08 22:20:07 +0000
3d6e3910bf - updated to 1.6.16: * Restored a test on width that was removed from png.c at libpng-1.6.9 (Bug report by Alex Eubanks). * Fixed an overflow in png_combine_row with very wide interlaced images. Petr Gajdos 2014-12-29 14:30:26 +0000
58e3b72ad5 Accepting request 262526 from graphics Dominique Leuenberger 2014-11-24 10:13:17 +0000
58e3f7658d - updated to 1.6.15: * Avoid out-of-bounds memory access in png_user_version_check(). * Fixed incorrect handling of the iTXt compression. * Free all allocated memory in pngimage. * Fixed array size calculations to avoid warnings. etc. see ANNOUNCE Petr Gajdos 2014-11-20 20:12:18 +0000
89d1aad626 Accepting request 245710 from graphics Stephan Kulow 2014-08-28 08:01:53 +0000
8bbae2fc89 - updated to 1.6.13: a "cleanup" release that have no security fixes or new features. Petr Gajdos 2014-08-22 05:56:30 +0000
d28a770632 Accepting request 236983 from graphics Stephan Kulow 2014-06-18 05:49:36 +0000
2c87a7b9e0 - removed libpng16-1.6.9-CVE-2014-0333.patch (upstreamed) Petr Gajdos 2014-06-12 13:58:55 +0000
d80e3bc45a - updated to 1.6.12: * bugfixes, almost build-related only Petr Gajdos 2014-06-12 05:44:17 +0000
4dca59897d - updated to 1.6.11: * fixed CVE-2014-0333 * other bugfixes - removed libpng16-1.6.6-CVE-2014-0333.patch (upstreamed) Petr Gajdos 2014-06-06 06:24:33 +0000
518465b433 Accepting request 224574 from graphics Tomáš Chvátal 2014-03-05 14:36:32 +0000
8f70075f41 - fixed CVE-2014-0333 [bnc#866298] - added patches: * libpng16-1.6.6-CVE-2014-0333.patch Petr Gajdos 2014-03-04 10:07:50 +0000
8efa07f222 Accepting request 221207 from graphics Tomáš Chvátal 2014-02-09 12:17:51 +0000

Commit Graph Select branches Hide Pull Requests devel factory Mono Color

Commit Graph

Select branches

Hide Pull Requests

devel

factory