pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/graphics/png Updated png to 1.6.32.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/92db22051afe
branches:  trunk
changeset: 367214:92db22051afe
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Sat Aug 26 05:50:00 2017 +0000

description:
Updated png to 1.6.32.

Version 1.6.32beta01 [July 31, 2017]
  Avoid possible NULL dereference in png_handle_eXIf when benign_errors
    are allowed. Avoid leaking the input buffer "eXIf_buf".
  Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif
    to arguments for png_get_eXIf() and png_set_eXIf().
  Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in
    pngwrite.c, and made various other fixes to png_write_eXIf().
  Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and
    png_set_eXIf_1(), respectively, to avoid breaking API compatibility
    with libpng-1.6.31.

Version 1.6.32beta02 [August 1, 2017]
  Updated contrib/libtests/pngunknown.c with eXIf chunk.

Version 1.6.32beta03 [August 2, 2017]
  Initialized btoa[] in pngstest.c
  Stop memory leak when returning from png_handle_eXIf() with an error
    (Bug report from the OSS-fuzz project).

Version 1.6.32beta04 [August 2, 2017]
  Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
  Update libpng.3 and libpng-manual.txt about eXIf functions.

Version 1.6.32beta05 [August 2, 2017]
  Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability.

Version 1.6.32beta06 [August 2, 2017]
  Removed png_get_eXIf_1() and png_set_eXIf_1().

Version 1.6.32beta07 [August 3, 2017]
  Check length of all chunks except IDAT against user limit to fix an
    OSS-fuzz issue.

Version 1.6.32beta08 [August 3, 2017]
  Check length of IDAT against maximum possible IDAT size, accounting
    for height, rowbytes, interlacing and zlib/deflate overhead.
  Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf)
    does not work (the eXIf chunk data can contain zeroes).

Version 1.6.32beta09 [August 3, 2017]
  Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation,
    no longer using deprecated cmake LOCATION feature (Clifford Yapp).
  Fixed five-byte error in the calculation of IDAT maximum possible size.

Version 1.6.32beta10 [August 5, 2017]
  Moved chunk-length check into a png_check_chunk_length() private
    function (Suggested by Max Stepin).
  Moved bad pngs from tests to contrib/libtests/crashers
  Moved testing of bad pngs into a separate tests/pngtest-badpngs script
  Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL
    in the output but PASS for the libpng test.
  Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp).
  Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the
    num_exif argument to png_get_eXIf_1() (Github Issue 171).

Version 1.6.32beta11 [August 7, 2017]
  Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
  Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers.
  Make pngtest --strict, --relax, --xfail options imply -m (multiple).
  Removed unused chunk_name parameter from png_check_chunk_length().
  Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak.
  Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
  Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR.
  Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
  Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account
    for the minimum 'deflate' stream, and relocate the test to a point
    after the keyword has been read.
  Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM".

Version 1.6.32rc01 [August 18, 2017]
  Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers,
    one for each known chunk type, with length = 2GB-1.
  Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts
    in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706,
    and 162707).
  Renamed chunks in contrib/testpngs/crashers to avoid having files whose
    names differ only in case; this causes problems with some platforms
    (github issue #172).

Version 1.6.32rc02 [August 22, 2017]
  Added contrib/oss-fuzz directory which contains files used by the oss-fuzz
    project (https://github.com/google/oss-fuzz/tree/master/projects/libpng).

Version 1.6.32 [August 24, 2017]
  No changes.

diffstat:

 graphics/png/Makefile |   4 ++--
 graphics/png/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (28 lines):

diff -r 80f57da046c8 -r 92db22051afe graphics/png/Makefile
--- a/graphics/png/Makefile     Sat Aug 26 05:48:07 2017 +0000
+++ b/graphics/png/Makefile     Sat Aug 26 05:50:00 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.193 2017/07/27 22:07:07 wiz Exp $
+# $NetBSD: Makefile,v 1.194 2017/08/26 05:50:00 wiz Exp $
 
-DISTNAME=      libpng-1.6.31
+DISTNAME=      libpng-1.6.32
 PKGNAME=       ${DISTNAME:S/lib//}
 CATEGORIES=    graphics
 MASTER_SITES=  https://ftp-osl.osuosl.org/pub/libpng/src/archive/xz/libpng16/
diff -r 80f57da046c8 -r 92db22051afe graphics/png/distinfo
--- a/graphics/png/distinfo     Sat Aug 26 05:48:07 2017 +0000
+++ b/graphics/png/distinfo     Sat Aug 26 05:50:00 2017 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.137 2017/07/27 22:07:07 wiz Exp $
+$NetBSD: distinfo,v 1.138 2017/08/26 05:50:00 wiz Exp $
 
-SHA1 (libpng-1.6.31.tar.xz) = de695064363df331734466981ef7f6546ef516bf
-RMD160 (libpng-1.6.31.tar.xz) = 097b1f95b7ed70ac33dc71b9d7ec1f10bdfe5693
-SHA512 (libpng-1.6.31.tar.xz) = 714da63e19d32eadeeb44edf7f2afeaf6ac59f2756e0951015313a98c0f3c1216296886301c5704958b56f4c96b00725791ba2efe9f26b4a92cd743410cc36a9
-Size (libpng-1.6.31.tar.xz) = 991824 bytes
+SHA1 (libpng-1.6.32.tar.xz) = 161d91d15cfd739773e0a73b41032b9f27322914
+RMD160 (libpng-1.6.32.tar.xz) = e0998ca79f73457c086b248ab06b31fad414e061
+SHA512 (libpng-1.6.32.tar.xz) = 24cf4d38dc08d1db7721fc580d8bf6cee9a105afcea32f1245b7bb3727c8a8645ad733a24534782ef5dfb0d4315a5fd6b0eee9e7f0704e0c635350f80c19a708
+Size (libpng-1.6.32.tar.xz) = 997136 bytes
 SHA1 (patch-pngpriv.h) = 3da29edb5d89ab26b9787a71b87c3fd8f451ea39



Home | Main Index | Thread Index | Old Index