Fix a buffer overrun in png_do_read_filler() with 16-bit samples, as

reported to the png-implement mailing list by Glenn Randers-Pehrson: ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212 [Glenn Randers-Pehrson is the original author and chief maintainer of libpng.] From the discussion in the archive, it appears to be unlikely that the bug could be exploited by a malicious web-server, chiefly because the operation that triggers it is more likely to be carried out by an image manipulation program (i.e. pngcrush), than by a web browser.
author: fredb <fredb@pkgsrc.org> 2002-12-19 21:25:09 +0000
committer: fredb <fredb@pkgsrc.org> 2002-12-19 21:25:09 +0000
commit: ef1cddb8ab59289f7f6078aac2647477c16f3682 (patch)
tree: a40c6d14dd96d19b3a84817bcb495f785a4a38f3 /graphics/png/distinfo
parent: 39d32aa51005d17a05a61e307c6203960e77bd5e (diff)
download: pkgsrc-ef1cddb8ab59289f7f6078aac2647477c16f3682.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/graphics/png/distinfo b/graphics/png/distinfo
index e9f789e66b6..c17be0fdc8e 100644
--- a/graphics/png/distinfo
+++ b/graphics/png/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.11 2002/11/06 21:30:20 fredb Exp $
+$NetBSD: distinfo,v 1.12 2002/12/19 21:25:09 fredb Exp $
 
 SHA1 (libpng-1.2.5.tar.bz2) = 6752eaf1a604edbbb0149b781155ef9cb47d80c3
 Size (libpng-1.2.5.tar.bz2) = 378030 bytes
 SHA1 (patch-aa) = 6cc8354eccd61a4355d64ca456dc950f379701ad
 SHA1 (patch-ab) = be7dc4a3e21c0056a913c5f1488528558024e6ea
+SHA1 (patch-ac) = 4ed570271a509747d300d38207b08e07f1adff3d
author	fredb <fredb@pkgsrc.org>	2002-12-19 21:25:09 +0000
committer	fredb <fredb@pkgsrc.org>	2002-12-19 21:25:09 +0000
commit	ef1cddb8ab59289f7f6078aac2647477c16f3682 (patch)
tree	a40c6d14dd96d19b3a84817bcb495f785a4a38f3 /graphics/png/distinfo
parent	39d32aa51005d17a05a61e307c6203960e77bd5e (diff)
download	pkgsrc-ef1cddb8ab59289f7f6078aac2647477c16f3682.tar.gz