diff options
author | wiz <wiz@pkgsrc.org> | 2012-03-29 13:26:33 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2012-03-29 13:26:33 +0000 |
commit | cf4f82bc6a9e452eb1ab5375dca9c30301a5708d (patch) | |
tree | 9d90fa5defd6011f6f6671b46b4c9892ebba534a /graphics | |
parent | b371cef57208f73a4a981bde9846475367362259 (diff) | |
download | pkgsrc-cf4f82bc6a9e452eb1ab5375dca9c30301a5708d.tar.gz |
Update to 1.5.10 (security fix):
Version 1.5.10beta01 [February 24, 2012]
Removed two useless #ifdef directives from pngread.c and one from pngrutil.c
Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case).
Removed empty vstudio/pngstest directory (Clifford Yapp).
Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
now that png_ptr->buffer is inaccessible to applications, the special
handling is no longer useful.
Fixed bug with png_handle_hIST with odd chunk length (Frank Busse).
Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h
to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure
command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h.
Revised the SAFE_LIMITS feature to be the same as the feature in libpng16.
Added information about the new limits in the manual.
Version 1.5.10beta02 [February 27, 2012]
Updated Makefile.in
Version 1.5.10beta03 [March 6, 2012]
Removed unused "current_text" members of png_struct and the png_free()
of png_ptr->current_text from pngread.c
Added palette-index checking. Issue a png_warning() if an invalid index is
found.
Version 1.5.10beta04 [March 10, 2012]
Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition.
Fixed CMF optimization of non-IDAT compressed chunks, which was added at
libpng-1.5.4. It sometimes produced too small of a window.
Version 1.5.10beta05 [March 10, 2012]
Reject all iCCP chunks after the first, even if the first one is invalid.
Issue a png_benign_error() instead of png_warning() about bad palette index.
Fixed an off-by-one error in the palette index checking function.
Revised example.c to put text strings in a temporary character array
instead of directly assigning string constants to png_textp members.
This avoids compiler warnings when -Wwrite-strings is enabled.
Version 1.5.10 [March 29, 2012]
Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice.
Revised png_set_text_2() to avoid potential memory corruption (fixes
CVE-2011-3048).
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/png/Makefile | 5 | ||||
-rw-r--r-- | graphics/png/distinfo | 9 | ||||
-rw-r--r-- | graphics/png/patches/patch-pngread.c | 15 |
3 files changed, 6 insertions, 23 deletions
diff --git a/graphics/png/Makefile b/graphics/png/Makefile index 139c5b25bbd..e6064d20a9c 100644 --- a/graphics/png/Makefile +++ b/graphics/png/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.147 2012/02/20 22:42:29 wiz Exp $ +# $NetBSD: Makefile,v 1.148 2012/03/29 13:26:33 wiz Exp $ -DISTNAME= libpng-1.5.9 +DISTNAME= libpng-1.5.10 PKGNAME= ${DISTNAME:S/lib//} -PKGREVISION= 1 CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libpng/} \ ftp://ftp.fu-berlin.de/unix/graphics/png/src/ diff --git a/graphics/png/distinfo b/graphics/png/distinfo index e1c8ce06ef8..7aa187c6bf6 100644 --- a/graphics/png/distinfo +++ b/graphics/png/distinfo @@ -1,7 +1,6 @@ -$NetBSD: distinfo,v 1.94 2012/02/20 22:42:29 wiz Exp $ +$NetBSD: distinfo,v 1.95 2012/03/29 13:26:33 wiz Exp $ -SHA1 (libpng-1.5.9.tar.bz2) = 844e6ebc739a332178a327e74ff7c42ddb93f442 -RMD160 (libpng-1.5.9.tar.bz2) = 02404bcbc695964c951905a489f1f0654b62670b -Size (libpng-1.5.9.tar.bz2) = 865782 bytes +SHA1 (libpng-1.5.10.tar.bz2) = e0e3de999095b737d134bd5f76d27188d26a41b2 +RMD160 (libpng-1.5.10.tar.bz2) = 7b7e0b8f316404df0a88c535c25a27f9e3c1a57a +Size (libpng-1.5.10.tar.bz2) = 875183 bytes SHA1 (patch-aa) = aaf79ebb8a18448c096c17ae9b02da02bc537db2 -SHA1 (patch-pngread.c) = e824c26fdf2d868fc19816f5254e9d54b6f3ccda diff --git a/graphics/png/patches/patch-pngread.c b/graphics/png/patches/patch-pngread.c deleted file mode 100644 index ab50e894eac..00000000000 --- a/graphics/png/patches/patch-pngread.c +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-pngread.c,v 1.1 2012/02/20 22:42:29 wiz Exp $ - -Fix typo in define. From John Bowler <jbowler@acm.org>. - ---- pngread.c.orig 2012-02-18 20:31:14.000000000 +0000 -+++ pngread.c -@@ -72,7 +72,7 @@ png_create_read_struct_2,(png_const_char - png_ptr->user_chunk_cache_max = PNG_USER_CHUNK_CACHE_MAX; - # endif - --# ifdef PNG_SET_USER_CHUNK_MALLOC_MAX -+# ifdef PNG_USER_CHUNK_MALLOC_MAX - /* Added at libpng-1.2.43 and 1.4.1 */ - png_ptr->user_chunk_malloc_max = PNG_USER_CHUNK_MALLOC_MAX; - # endif |