| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Version 1.6.29beta01 [January 12, 2017]
Readded "include(GNUInstallDirs)" to CMakeLists.txt (Gianfranco Costamagna).
Moved SSE2 optimization code into the main libpng source directory.
Configure libpng with "configure --enable-intel-sse" or compile
libpng with "-DPNG_INTEL_SSE" in CPPFLAGS to enable it.
Simplified conditional compilation in pngvalid.c, for AIX (Michael Felt).
Version 1.6.29beta02 [February 22, 2017]
Avoid conditional directives that break statements in pngrutil.c (Romero
Malaquias)
The contrib/examples/pngtopng.c recovery code was in the wrong "if"
branches; the comments were correct.
Added code for PowerPC VSX optimisation (Vadim Barkov).
Version 1.6.29beta03 [March 1, 2017]
Avoid potential overflow of shift operations in png_do_expand() (Aaron Boxer).
Change test ZLIB_VERNUM >= 0x1281 to ZLIB_VERNUM >= 0x1290 in pngrutil.c
because Solaris 11 distributes zlib-1.2.8.f that is older than 1.2.8.1.
Suppress clang warnings about implicit sign changes in png.c
Version 1.6.29 [March 16, 2017]
No changes.
|
|
Version 1.6.28rc01 [January 3, 2017]
Fixed arm/aarch64 detection in CMakeLists.txt (Gianfranco Costamagna).
Added option to Cmake build allowing a custom location of zlib to be
specified in a scenario where libpng is being built as a subproject
alongside zlib by another project (Sam Serrels).
Changed png_ptr->options from a png_byte to png_uint_32, to accomodate
up to 16 options.
Version 1.6.28rc02 [January 4, 2017]
Added "include(GNUInstallDirs)" to CMakeLists.txt (Gianfranco Costamagna).
Moved SSE2 optimization code into the main libpng source directory.
Configure libpng with "configure --enable-intel-sse" or compile
libpng with "-DPNG_INTEL_SSE" in CPPFLAGS to enable it.
Version 1.6.28rc03 [January 4, 2017]
Backed out the SSE optimization and last CMakeLists.txt to allow time for QA.
Version 1.6.28 [January 5, 2017]
No changes.
|
|
Version 1.6.27beta01 [November 2, 2016]
Restrict the new ADLER32-skipping to IDAT chunks. It broke iCCP chunk
handling: an erroneous iCCP chunk would throw a png_error and reject the
entire PNG image instead of rejecting just the iCCP chunk with a warning,
if built with zlib-1.2.8.1.
Version 1.6.27rc01 [December 27, 2016]
Control ADLER32 checking with new PNG_IGNORE_ADLER32 option.
Removed the use of a macro containing the pre-processor 'defined'
operator. It is unclear whether this is valid; a macro that
"generates" 'defined' is not permitted, but the use of the word
"generates" within the C90 standard seems to imply more than simple
substitution of an expression itself containing a well-formed defined
operation.
Added ARM support to CMakeLists.txt (Andreas Franek).
Version 1.6.27 [December 29, 2016]
Fixed a potential null pointer dereference in png_set_text_2() (bug report
and patch by Patrick Keshishian).
|
|
Version 1.6.26beta01 [September 26, 2016]
Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo,
bugfix by John Bowler).
Do not issue a png_error() on read in png_set_pCAL() because png_handle_pCAL
has allocated memory that libpng needs to free.
Conditionally compile png_set_benign_errors() in pngread.c and pngtest.c
Issue a png_benign_error instead of a png_error on ADLER32 mismatch
while decoding compressed data chunks.
Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and
pngrutil.c.
If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE,
ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs.
Issue png_benign_error() on ADLER32 checksum mismatch instead of png_error().
Add tests/badcrc.png and tests/badadler.png to tests/pngtest.
Merged pngtest.c with libpng-1.7.0beta84/pngtest.c
Version 1.6.26beta02 [October 1, 2016]
Updated the documentation about CRC and ADLER32 handling.
Quieted 117 warnings from clang-3.8 in pngtrans.c, pngread.c,
pngwrite.c, pngunknown.c, and pngvalid.c.
Quieted 58 (out of 144) -Wconversion compiler warnings by changing
flag definitions in pngpriv.h from 0xnnnn to 0xnnnnU and trivial changes
in png.c, pngread.c, and pngwutil.c.
Version 1.6.26beta03 [October 2, 2016]
Removed contrib/libtests/*.orig and *.rej that slipped into the tarballs.
Quieted the 86 remaining -Wconversion compiler warnings by
revising the png_isaligned() macro and trivial changes in png.c,
pngerror.c, pngget.c, pngmem.c, pngset.c, pngrtran.c, pngrutil.c,
pngwtran.c, pngwrite.c, and pngwutil.c.
Version 1.6.26beta04 [October 3, 2016]
Quieted (bogus?) clang warnings about "absolute value has no effect"
when PNG_USE_ABS is defined.
Fixed offsets in contrib/intel/intel_sse.patch
Version 1.6.26beta05 [October 6, 2016]
Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h
to avoid a signed/unsigned compare in the preprocessor.
Version 1.6.26beta06 [October 7, 2016]
Use zlib-1.2.8.1 inflateValidate() instead of inflateReset2() to
optionally avoid ADLER32 evaluation.
Version 1.6.26rc01 [October 12, 2016]
No changes.
Version 1.6.26 [October 20, 2016]
Cosmetic change, "ptr != 0" to "ptr != NULL" in png.c and pngrutil.c
Despammed email addresses (replaced "@" with " at ").
|
|
Changes since the last public release (1.6.24):
Reject oversized iCCP profile immediately.
Cleaned up PNG_DEBUG compile of pngtest.c.
Conditionally compile png_inflate().
Don't install pngcp; it conflicts with pngcp in the pngtools package.
Minor editing of INSTALL, (whitespace, added copyright line)
Added MIPS support (Mandar Sahastrabuddhe <Mandar.Sahastrabuddhe@imgtec.com>).
Rebased contrib/intel/intel_sse.patch after the MIPS implementation.
|
|
Version 1.6.24beta01 [June 11, 2016]
Avoid potential overflow of the PNG_IMAGE_SIZE macro. This macro
is not used within libpng, but is used in some of the examples.
Version 1.6.24beta02 [June 23, 2016]
Correct filter heuristic overflow handling. This was broken when the
write filter code was moved out-of-line; if there is a single filter and
the heuristic sum overflows the calculation of the filtered line is not
completed. In versions prior to 1.6 the code was duplicated in-line
and the check not performed, so the filter operation completed; however,
in the multi-filter case where the sum is performed the 'none' filter would
be selected if all the sums overflowed, even if it wasn't in the filter
list. The fix to the first problem is simply to provide PNG_SIZE_MAX as
the current lmins sum value; this means the sum can never exceed it and
overflows silently. A reasonable compiler that does choose to inline
the code will simply eliminate the sum check.
The fix to the second problem is to use high precision arithmetic (this is
implemented in 1.7), however a simple safe fix here is to chose the lowest
numbered filter in the list from png_set_filter (this only works if the
first problem is also fixed) (John Bowler).
Use a more efficient absolute value calculation on SSE2 (Matthieu Darbois).
Fixed the case where PNG_IMAGE_BUFFER_SIZE can overflow in the application
as a result of the application using an increased 'row_stride'; previously
png_image_finish_read only checked for overflow on the base calculation of
components. (I.e. it checked for overflow of a 32-bit number on the total
number of pixel components in the output format, not the possibly padded row
length and not the number of bytes, which for linear formats is twice the
number of components.)
MSVC does not like '-(unsigned)', so replaced it with 0U-(unsigned)
MSVC does not like (uInt) = -(unsigned) (i.e. as an initializer), unless
the conversion is explicitly invoked by a cast.
Put the SKIP definition in the correct place. It needs to come after the
png.h include (see all the other .c files in contrib/libtests) because it
depends on PNG_LIBPNG_VER.
Removed the three compile warning options from the individual project
files into the zlib.props globals. It increases the warning level from 4
to All and adds a list of the warnings that need to be turned off. This is
semi-documentary; the intent is to tell libpng users which warnings have
been examined and judged non-fixable at present. The warning about
structure padding is fixable, but it would be a signficant change (moving
structure members around).
Version 1.6.24beta03 [July 4, 2016]
Optimized absolute value calculation in filter selection, similar to
code in the PAETH decoder in pngrutil.c. Build with PNG_USE_ABS to
use this.
Added pngcp to the build together with a pngcp.dfa configuration test.
Added high resolution timing to pngcp.
Added "Common linking failures" section to INSTALL.
Relocated misplaced #endif in png.c sRGB profile checking.
Fixed two Coverity issues in pngcp.c.
Version 1.6.24beta04 [July 8, 2016]
Avoid filter-selection heuristic sum calculations in cases where only one
filter is a candidate for selection. This trades off code size (added
private png_setup_*_row_only() functions) for speed.
Version 1.6.24beta05 [July 13, 2016]
Fixed some indentation to comply with our coding style.
Added contrib/tools/reindent.
Version 1.6.24beta06 [July 18, 2016]
Fixed more indentation to comply with our coding style.
Eliminated unnecessary tests of boolean png_isaligned() vs 0.
Version 1.6.24rc01 [July 25, 2016]
No changes.
Version 1.6.24rc02 [August 1, 2016]
Conditionally compile SSE2 headers in contrib/intel/intel_sse.patch
Conditionally compile png_decompress_chunk().
Version 1.6.24rc03 [August 2, 2016]
Conditionally compile ARM_NEON headers in pngpriv.h
Updated contrib/intel/intel_sse.patch
Version 1.6.24[August 4, 2016]
No changes.
|
|
Version 1.6.23beta01 [May 29, 2016]
Stop a potential memory leak in png_set_tRNS() (Bug report by Ted Ying).
Fixed the progressive reader to handle empty first IDAT chunk properly
(patch by Timothy Nikkel). This bug was introduced in libpng-1.6.0 and
only affected the libpng16 branch.
Added tests in pngvalid.c to check zero-length IDAT chunks in various
positions. Fixed the sequential reader to handle these more robustly
(John Bowler).
Version 1.6.23rc01 [June 2, 2016]
Corrected progressive read input buffer in pngvalid.c. The previous version
the code invariably passed just one byte at a time to libpng. The intent
was to pass a random number of bytes in the range 0..511.
Moved sse2 prototype from pngpriv.h to contrib/intel/intel_sse.patch.
Added missing ")" in pngerror.c (Matt Sarrett).
Version 1.6.23rc02 [June 4, 2016]
Fixed undefined behavior in png_push_save_buffer(). Do not call
memcpy() with a null source, even if count is zero (Leon Scroggins III).
Version 1.6.23 [June 9, 2016]
Fixed bad link to RFC2083 in png.5 (Nikola Forro).
|
|
Version 1.6.22beta01 [January 23, 2016]
Changed PNG_USE_MKSTEMP to __COVERITY__ to select alternate
"tmpfile()" implementation in contrib/libtests/pngstest.c
Fixed NO_STDIO build of pngunknown.c to skip calling png_init_io()
if there is no stdio.h support.
Added a png_image_write_to_memory() API and a number of assist macros
to allow an application that uses the simplified API write to bypass
stdio and write directly to memory.
Added some warnings (png.h) and some check code to detect *possible*
overflow in the ROW_STRIDE and simplified image SIZE macros. This
disallows image width/height/format that *might* overflow. This is
a quiet API change that limits in-memory image size (uncompressed) to
less than 4GByte and image row size (stride) to less than 2GByte.
Revised workaround for false-positive Coverity issue in pngvalid.c.
Version 1.6.22beta02 [February 8, 2016]
Only use exit(77) in configure builds.
Corrected error in PNG_IMAGE_PNG_SIZE_MAX. This new macro underreported
the palette size because it failed to take into account that the memory
palette has to be expanded to full RGB when it is written to PNG.
Updated CMakeLists.txt, added supporting scripts/gen*.cmake.in
and test.cmake.in (Roger Leigh).
Relaxed limit checks on gamma values in pngrtran.c. As suggested in
the comments gamma values outside the range currently permitted
by png_set_alpha_mode are useful for HDR data encoding. These values
are already permitted by png_set_gamma so it is reasonable caution to
extend the png_set_alpha_mode range as HDR imaging systems are starting
to emerge.
Version 1.6.22beta03 [March 9, 2016]
Added a common-law trademark notice and export control information
to the LICENSE file, png.h, and the man page.
Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that
were accidentally removed from libpng-1.6.17.
Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h
(Robert C. Seacord).
Removed dubious "#if INT_MAX" test from png.h that was added to
libpng-1.6.19beta02 (John Bowler).
Add ${INCLUDES} in scripts/genout.cmake.in (Bug report by Nixon Kwok).
Updated LICENSE to say files in the contrib directory are not
necessarily under the libpng license, and that some makefiles have
other copyright owners.
Added INTEL-SSE2 support (Mike Klein and Matt Sarett, Google, Inc.).
Made contrib/libtests/timepng more robust. The code no longer gives
up/fails on invalid PNG data, it just skips it (with error messages).
The code no longer fails on PNG files with data beyond IEND. Options
exist to use png_read_png (reading the whole image, not by row) and, in
that case, to apply any of the supported transforms. This makes for
more realistic testing; the decoded data actually gets used in a
meaningful fashion (John Bowler).
Fixed some misleading indentation (Krishnaraj Bhat).
Version 1.6.22beta04 [April 5, 2016]
Force GCC compilation to C89 if needed (Dagobert Michelsen).
SSE filter speed improvements for bpp=3:
memcpy-free implementations of load3() / store3().
call load3() only when needed at the end of a scanline.
Version 1.6.22beta05 [April 27, 2016]
Added PNG_FAST_FILTERS macro (defined as
PNG_FILTER_NONE|PNG_FILTER_SUB|PNG_FILTER_UP).
Various fixes for contrib/libtests/timepng.c
Moved INTEL-SSE code from pngpriv.h into contrib/intel/intel_sse.patch.
Fixed typo (missing underscore) in #define PNG_READ_16_TO_8_SUPPORTED
(Bug report by Y.Ohashik).
Version 1.6.22beta06 [May 5, 2016]
Rebased contrib/intel_sse.patch.
Quieted two Coverity issues in contrib/libtests/timepng.c.
Fixed issues with scripts/genout.cmake.in (David Capello, Nixon Kwok):
Added support to use multiple directories in ZLIBINCDIR variable,
Fixed CMAKE_C_FLAGS with multiple values when genout is compiled on MSVC,
Fixed pnglibconf.c compilation on OS X including the sysroot path.
Version 1.6.22rc01 [May 14, 2016]
No changes.
Version 1.6.22rc02 [May 16, 2016]
Removed contrib/timepng from default build; it does not build on platforms
that don't supply clock_gettime().
Version 1.6.22rc03 [May 17, 2016]
Restored contrib/timepng to default build but check for the presence
of clock_gettime() in configure.ac and Makefile.am.
Version 1.6.22 [May 26, 2016]
No changes.
|
|
Version 1.6.21beta01 [December 11, 2015]
Fixed syntax "$(command)" in tests/pngstest that some shells other than
bash could not parse (Bug report by Nelson Beebe). Use `command` instead.
Version 1.6.21beta02 [December 14, 2015]
Moved png_check_keyword() from pngwutil.c to pngset.c
Removed LE/BE dependencies in pngvalid, to 'fix' the current problem
in the BigEndian tests by not testing it, making the BE code the same
as the LE version.
Fixes to pngvalid for various reduced build configurations (eliminate unused
statics) and a fix for the case in rgb_to_gray when the digitize option
reduces graylo to 0, producing a large error.
Version 1.6.21beta03 [December 18, 2015]
Widened the 'limit' check on the internally calculated error limits in
the 'DIGITIZE' case (the code used prior to 1.7 for rgb_to_gray error
checks) and changed the check to only operate in non-release builds
(base build type not RC or RELEASE.)
Fixed undefined behavior in pngvalid.c, undefined because
(png_byte) << shift is undefined if it changes the signed bit
(because png_byte is promoted to int). The libpng exported functions
png_get_uint_32 and png_get_uint_16 handle this. (Bug reported by
David Drysdale as a result of reports from UBSAN in clang 3.8).
This changes pngvalid to use BE random numbers; this used to produce
errors but these should not be fixed as a result of the previous changes.
Version 1.6.21rc01 [January 4, 2016]
In projects/vstudio, combined readme.txt and WARNING into README.txt
Version 1.6.21rc02 [January 7, 2016]
Relocated assert() in contrib/tools/pngfix.c, bug found by American
Fuzzy Lop, reported by Brian Carpenter.
Marked 'limit' UNUSED in transform_range_check(). This only affects
release builds.
Version 1.6.21 [January 15, 2016]
Worked around a false-positive Coverity issue in pngvalid.c.
|
|
Version 1.6.20beta01 [November 20, 2015]
Avoid potential pointer overflow/underflow in png_handle_sPLT() and
png_handle_pCAL() (Bug report by John Regehr).
Version 1.6.20beta02 [November 23, 2015]
Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
vulnerability.
Version 1.6.20beta03 [November 24, 2015]
Backported tests from libpng-1.7.0beta69.
Version 1.6.20rc01 [November 26, 2015]
Fixed an error in handling of bad zlib CMINFO field in pngfix, found by
American Fuzzy Lop, reported by Brian Carpenter. inflate() doesn't
immediately fault a bad CMINFO field; instead a 'too far back' error
happens later (at least some times). pngfix failed to limit CMINFO to
the allowed values but then assumed that window_bits was in range,
triggering an assert. The bug is mostly harmless; the PNG file cannot
be fixed.
Version 1.6.20rc02 [November 29, 2015]
In libpng 1.6 zlib initialization was changed to use the window size
in the zlib stream, not a fixed value. This causes some invalid images,
where CINFO is too large, to display 'correctly' if the rest of the
data is valid. This provides a workaround for zlib versions where the
error arises (ones that support the API change to use the window size
in the stream).
Version 1.6.20 [December 3, 2015]
No changes.
|
|
Libpng 1.6.19 - November 12, 2015
Changes since the last public release (1.6.18):
Updated obsolete information about the simplified API macros in the
manual pages (Bug report by Arc Riley).
Avoid potentially dereferencing NULL info_ptr in png_info_init_3().
Rearranged png.h to put the major sections in the same order as
in libpng17.
Eliminated unused PNG_COST_SHIFT, PNG_WEIGHT_SHIFT, PNG_COST_FACTOR, and
PNG_WEIGHT_FACTOR macros.
Suppressed some warnings from the Borland C++ 5.5.1/5.82 compiler
(Bug report by Viktor Szakats). Several warnings remain and are
unavoidable, where we test for overflow.
Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
Moved config.h.in~ from the "libpng_autotools_files" list to the
"libpng_autotools_extra" list in autogen.sh because it was causing a
false positive for missing files (bug report by Robert C. Seacord).
Removed unreachable "break" statements in png.c, pngread.c, and pngrtran.c
to suppress clang warnings (Bug report by Viktor Szakats).
Fixed some bad links in the man page.
Changed "n bit" to "n-bit" in comments.
Added signed/unsigned 16-bit safety net. This removes the dubious
0x8000 flag definitions on 16-bit systems. They aren't supported
yet the defs *probably* work, however it seems much safer to do this
and be advised if anyone, contrary to advice, is building libpng 1.6
on a 16-bit system. It also adds back various switch default clauses
for GCC; GCC errors out if they are not present (with an appropriately
high level of warnings).
Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert
Seacord).
Fixed the recently reported 1's complement security issue by replacing
the value that is illegal in the PNG spec, in both signed and unsigned
values, with 0. Illegal unsigned values (anything greater than or equal
to 0x80000000) can still pass through, but since these are not illegal
in ANSI-C (unlike 0x80000000 in the signed case) the checking that
occurs later can catch them (John Bowler).
Fixed png_save_int_32 when int is not 2's complement (John Bowler).
Updated libpng16 with all the recent test changes from libpng17,
including changes to pngvalid.c to ensure that the original,
distributed, version of contrib/visupng/cexcept.h can be used
(John Bowler).
pngvalid contains the correction to the use of SAVE/STORE_
UNKNOWN_CHUNKS; a bug revealed by changes in libpng 1.7. More
tests contain the --strict option to detect warnings and the
pngvalid-standard test has been corrected so that it does not
turn on progressive-read. There is a separate test which does
that. (John Bowler)
Also made some signed/unsigned fixes.
Make pngstest error limits version specific. Splitting the machine
generated error structs out to a file allows the values to be updated
without changing pngstest.c itself. Since libpng 1.6 and 1.7 have
slightly different error limits this simplifies maintenance. The
makepngs.sh script has also been updated to more accurately reflect
current problems in libpng 1.7 (John Bowler).
Incorporated new test PNG files into make check. tests/pngstest-*
are changed so that the new test files are divided into 8 groups by
gamma and alpha channel. These tests have considerably better code
and pixel-value coverage than contrib/pngsuite; however,coverage is
still incomplete (John Bowler).
Removed the '--strict' in 1.6 because of the double-gamma-correction
warning, updated pngstest-errors.h for the errors detected with the
new contrib/testspngs PNG test files (John Bowler).
Worked around rgb-to-gray issues in libpng 1.6. The previous
attempts to ignore the errors in the code aren't quite enough to
deal with the 'channel selection' encoding added to libpng 1.7; abort.
Fixed 'pow' macros in pngvalid.c. It is legal for 'pow' to be a
macro, therefore the argument list cannot contain preprocessing
directives. Make sure pow is a function where this happens. This is
a minimal safe fix, the issue only arises in non-performance-critical
code (bug report by Curtis Leach, fix by John Bowler).
Added sPLT support to pngtest.c
Prevent setting or writing over-length PLTE chunk (Cosmin Truta).
Silently truncate over-length PLTE chunk while reading.
Libpng incorrectly calculated the output rowbytes when the application
decreased either the number of channels or the bit depth (or both) in
a user transform. This was safe; libpng overallocated buffer space
(potentially by quite a lot; up to 4 times the amount required) but,
from 1.5.4 on, resulted in a png_error (John Bowler).
Fixed some inconsequential cut-and-paste typos in
png_set_cHRM_XYZ_fixed().
Clarified COPYRIGHT information to state explicitly that versions
are derived from previous versions.
Removed much of the long list of previous versions from png.h and
libpng.3.
|
|
Problems found with existing digests:
Package fotoxx distfile fotoxx-14.03.1.tar.gz
ac2033f87de2c23941261f7c50160cddf872c110 [recorded]
118e98a8cc0414676b3c4d37b8df407c28a1407c [calculated]
Package ploticus-examples distfile ploticus-2.00/plnode200.tar.gz
34274a03d0c41fae5690633663e3d4114b9d7a6d [recorded]
da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
Problems found locating distfiles:
Package AfterShotPro: missing distfile AfterShotPro-1.1.0.30/AfterShotPro_i386.deb
Package pgraf: missing distfile pgraf-20010131.tar.gz
Package qvplay: missing distfile qvplay-0.95.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
Version 1.6.18beta01 [April 1, 2015]
Removed PNG_SET_CHUNK_[CACHE|MALLOC]_LIMIT_SUPPORTED macros. They
have been combined with PNG_SET_USER_LIMITS_SUPPORTED (resolves
bug report by Andrew Church).
Fixed rgb_to_gray checks and added tRNS checks to pngvalid.c. This
fixes some arithmetic errors that caused some tests to fail on
some 32-bit platforms (Bug reports by Peter Breitenlohner [i686]
and Petr Gajdos [i586]).
Version 1.6.18beta02 [April 26, 2015]
Suppressed some warnings from the Borland C++ 5.5.1/5.82 compiler
(Bug report by Viktor Szaka'ts).
Version 1.6.18beta03 [May 6, 2015]
Replaced "unexpected" with an integer (0xabadca11) in pngset.c
where a long was expected, to avoid a compiler warning when PNG_DEBUG > 1.
Added contrib/examples/simpleover.c, to demonstrate how to handle
alpha compositing of multiple images, using the "simplified API"
and an example PNG generation tool, contrib/examples/genpng.c
(John Bowler).
Version 1.6.18beta04 [May 20, 2015]
PNG_RELEASE_BUILD replaces tests where the code depended on the build base
type and can be defined on the command line, allowing testing in beta
builds (John Bowler).
Avoid Coverity issue 80858 (REVERSE NULL) in pngtest.c PNG_DEBUG builds.
Avoid a harmless potential integer overflow in png_XYZ_from_xy() (Bug
report from Christopher Ferris).
Version 1.6.18beta05 [May 31, 2015]
Backport filter selection code from libpng-1.7.0beta51, to combine
sub_row, up_row, avg_row, and paeth_row into try_row and tst_row.
Changed png_voidcast(), etc., to voidcast(), etc., in contrib/tools/pngfix.c
to avoid confusion with the libpng private macros.
Fixed old cut&paste bug in the weighted filter selection code in
pngwutil.c, introduced in libpng-0.95, March 1997.
Version 1.6.18beta06 [June 1, 2015]
Removed WRITE_WEIGHTED_FILTERED code, to save a few kbytes of the
compiled library size. It never worked properly and as far as we can
tell, no one uses it. The png_set_filter_heuristics() and
png_set_filter_heuristics_fixed() APIs are retained but deprecated
and do nothing.
Version 1.6.18beta07 [June 6, 2015]
Removed non-working progressive reader 'skip' function. This
function has apparently never been used. It was implemented
to support back-door modification of png_struct in libpng-1.4.x
but (because it does nothing and cannot do anything) was apparently
never tested (John Bowler).
Fixed cexcept.h in which GCC 5 now reports that one of the auto
variables in the Try macro needs to be volatile to prevent value
being lost over the setjmp (John Bowler).
Fixed NO_WRITE_FILTER and -Wconversion build breaks (John Bowler).
Fix g++ build breaks (John Bowler).
Quieted some Coverity issues in pngfix.c, png-fix-itxt.c, pngvalid.c,
pngstest.c, and pngimage.c. Most seem harmless, but png-fix-itxt
would only work with iTXt chunks with length 255 or less.
Added #ifdef's to contrib/examples programs so people don't try
to compile them without the minimum required support enabled
(suggested by Flavio Medeiros).
Version 1.6.18beta08 [June 30, 2015]
Eliminated the final two Coverity defects (insecure temporary file
handling in contrib/libtests/pngstest.c; possible overflow of
unsigned char in contrib/tools/png-fix-itxt.c). To use the "secure"
file handling, define PNG_USE_MKSTEMP, otherwise "tmpfile()" will
be used.
Removed some unused WEIGHTED_FILTER macros from png.h and pngstruct.h
Version 1.6.18beta09 [July 5, 2015]
Removed some useless typecasts from contrib/tools/png-fix-itxt.c
Fixed a new signed-unsigned comparison in pngrtran.c (Max Stepin).
Replaced arbitrary use of 'extern' with #define PNG_LINKAGE_*. To
preserve API compatibility, the new defines all default to "extern"
(requested by Jan Nijtmans).
Version 1.6.18rc01 [July 9, 2015]
Belatedly added Mans Rullgard and James Yu to the list of Contributing
Authors.
Version 1.6.18rc02 [July 12, 2015]
Restored unused FILTER_HEURISTIC macros removed at libpng-1.6.18beta08
to png.h to avoid compatibility warnings.
Version 1.6.18rc03 [July 15, 2015]
Minor changes to the man page
Version 1.6.18 [July 23, 2015]
No changes.
|
|
Version 1.6.17beta01 [January 29, 2015]
Removed duplicate PNG_SAFE_LIMITS_SUPPORTED handling from pngconf.h
Corrected the width limit calculation in png_check_IHDR().
Removed user limits from pngfix. Also pass NULL pointers to
png_read_row to skip the unnecessary row de-interlace stuff.
Added testing of png_set_packing() to pngvalid.c
Regenerated configure scripts in the *.tar distributions with libtool-2.4.4
Implement previously untested cases of libpng transforms in pngvalid.c
Fixed byte order in 2-byte filler, in png_do_read_filler().
Made the check for out-of-range values in png_set_tRNS() detect
values that are exactly 2^bit_depth, and work on 16-bit platforms.
Merged some parts of libpng-1.6.17beta01 and libpng-1.7.0beta47.
Added #ifndef __COVERITY__ where needed in png.c, pngrutil.c and
pngset.c to avoid warnings about dead code.
Added "& 0xff" to many instances of expressions that are typecast
to (png_byte), to avoid Coverity gripes.
Version 1.6.17beta02 [February 7, 2015]
Work around one more Coverity-scan dead-code warning.
Do not build png_product2() when it is unused.
Version 1.6.17beta03 [February 17, 2015]
Display user limits in the output from pngtest.
Eliminated the PNG_SAFE_LIMITS macro and restored the 1-million-column
and 1-million-row default limits in pnglibconf.dfa, that can be reset
by the user at build time or run time. This provides a more robust
defense against DOS and as-yet undiscovered overflows.
Version 1.6.17beta04 [February 21, 2015]
Added PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED macro, on by default.
Allow user to call png_get_IHDR() with NULL arguments (Reuben Hawkins).
Rebuilt configure scripts with automake-1.15 and libtool-2.4.6
Version 1.6.17beta05 [February 25, 2015]
Restored compiling of png_reciprocal2 with PNG_NO_16BIT.
Version 1.6.17beta06 [February 27, 2015]
Moved png_set_filter() prototype into a PNG_WRITE_SUPPORTED block
of png.h.
Avoid runtime checks when converting integer to png_byte with
Visual Studio (Sergey Kosarevsky)
Version 1.6.17rc01 [March 4, 2015]
No changes.
Version 1.6.17rc02 [March 9, 2015]
Removed some comments that the configure script did not handle
properly from scripts/pnglibconf.dfa and pnglibconf.h.prebuilt.
Free the unknown_chunks structure even when it contains no data.
Version 1.6.17rc03 [March 12, 2015]
Updated CMakeLists.txt to add OSX framework, change YES/NO to ON/OFF
for consistency, and remove some useless tests (Alexey Petruchik).
Version 1.6.17rc04 [March 16, 2015]
Remove pnglibconf.h, pnglibconf.c, and pnglibconf.out instead of
pnglibconf.* in "make clean" (Cosmin).
Fix bug in calculation of maxbits, in png_write_sBIT, introduced
in libpng-1.6.17beta01 (John Bowler).
Version 1.6.17rc05 [March 21, 2015]
Define PNG_FILTER_* and PNG_FILTER_VALUE_* in png.h even when WRITE
is not supported (John Bowler). This fixes an error introduced in
libpng-1.6.17beta06.
Reverted "& 0xff" additions of version 1.6.17beta01. Libpng passes
the Coverity scan without them.
Version 1.6.17rc06 [March 23, 2015]
Remove pnglibconf.dfn and pnglibconf.pre with "make clean".
Reformatted some "&0xff" instances to "& 0xff".
Fixed simplified 8-bit-linear to sRGB alpha. The calculated alpha
value was wrong. It's not clear if this affected the final stored
value; in the obvious code path the upper and lower 8-bits of the
alpha value were identical and the alpha was truncated to 8-bits
rather than dividing by 257 (John Bowler).
Version 1.6.17 [March 26, 2015]
No changes.
|
|
Changes since the last public release (1.6.15):
Added ".align 2" to arm/filter_neon.S to support old GAS assemblers that
don't do alignment correctly.
Revised Makefile.am and scripts/*.dfn to work with MinGW/MSYS;
renamed scripts/*.dfn to scripts/*.c (Bob Friesenhahn and John Bowler).
Quiet a "comparison always true" warning in pngstest.c (John Bowler).
Restored a test on width that was removed from png.c at libpng-1.6.9
(Bug report by Alex Eubanks).
Fixed an overflow in png_combine_row with very wide interlaced images.
|
|
Version 1.6.15beta01 [October 29, 2014]
Changed "if (!x)" to "if (x == 0)" and "if (x)" to "if (x != 0)"
Simplified png_free_data().
Added missing "ptr = NULL" after some instances of png_free().
Version 1.6.15beta02 [November 1, 2014]
Changed remaining "if (!x)" to "if (x == 0)" and "if (x)" to "if (x != 0)"
Version 1.6.15beta03 [November 3, 2014]
Added PNG_USE_ARM_NEON configuration flag (Marcin Juszkiewicz).
Version 1.6.15beta04 [November 4, 2014]
Removed new PNG_USE_ARM_NEON configuration flag and made a one-line
revision to configure.ac to support ARM on aarch64 instead (John Bowler).
Version 1.6.15beta05 [November 5, 2014]
Use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING in
example.c, pngtest.c, and applications in the contrib directory.
Avoid out-of-bounds memory access in png_user_version_check().
Simplified and future-proofed png_user_version_check().
Fixed GCC unsigned int->float warnings. Various versions of GCC
seem to generate warnings when an unsigned value is implicitly
converted to double. This is probably a GCC bug but this change
avoids the issue by explicitly converting to (int) where safe.
Free all allocated memory in pngimage. The file buffer cache was left
allocated at the end of the program, harmless but it causes memory
leak reports from clang.
Fixed array size calculations to avoid warnings. At various points
in the code the number of elements in an array is calculated using
sizeof. This generates a compile time constant of type (size_t) which
is then typically assigned to an (unsigned int) or (int). Some versions
of GCC on 64-bit systems warn about the apparent narrowing, even though
the same compiler does apparently generate the correct, in-range,
numeric constant. This adds appropriate, safe, casts to make the
warnings go away.
Version 1.6.15beta06 [November 6, 2014]
Reverted use png_get_libpng_ver(NULL) instead of PNG_LIBPNG_VER_STRING
in the manual, example.c, pngtest.c, and applications in the contrib
directory. It was incorrect advice.
Version 1.6.15beta07 [November 7, 2014]
Removed #ifdef PNG_16BIT_SUPPORTED/#endif around png_product2(); it is
needed by png_reciprocal2().
Added #ifdef PNG_16BIT_SUPPORTED/#endif around png_log16bit() and
png_do_swap().
Changed all "#endif /* PNG_FEATURE_SUPPORTED */" to "#endif /* FEATURE */"
Version 1.6.15beta08 [November 8, 2014]
More housecleaning in *.h
Version 1.6.15rc01 [November 13, 2014]
Version 1.6.15rc02 [November 14, 2014]
The macros passed in the command line to Borland make were ignored if
similarly-named macros were already defined in makefiles. This behavior
is different from POSIX make and other make programs. Surround the
macro definitions with ifndef guards (Cosmin).
Version 1.6.15rc03 [November 16, 2014]
Added "-D_CRT_SECURE_NO_WARNINGS" to CFLAGS in scripts/makefile.vcwin32.
Removed the obsolete $ARCH variable from scripts/makefile.darwin.
Version 1.6.15 [November 20, 2014]
No changes.
|
|
Version 1.6.14beta01 [September 14, 2014]
Guard usage of png_ptr->options with #ifdef PNG_SET_OPTION_SUPPORTED.
Do not build contrib/tools/pngfix.c when PNG_SETJMP_NOT_SUPPORTED,
to allow "make" to complete without setjmp support (bug report by
Claudio Fontana)
Add "#include <setjmp.h>" to contrib/tools/pngfix.c (John Bowler)
Version 1.6.14beta02 [September 18, 2014]
Use nanosleep() instead of usleep() in contrib/gregbook/rpng2-x.c
because usleep() is deprecated.
Define usleep() in contrib/gregbook/rpng2-x.c if not already defined
in unistd.h and nanosleep() is not available; fixes error introduced
in libpng-1.6.13.
Disable floating point exception handling in pngvalid.c when
PNG_FLOATING_ARITHMETIC is not supported (bug report by "zootus
at users.sourceforge.net").
Version 1.6.14beta03 [September 19, 2014]
Define FE_DIVBYZERO, FE_INVALID, and FE_OVERFLOW in pngvalid.c if not
already defined. Revert floating point exception handling in pngvalid.c
to version 1.6.14beta01 behavior.
Version 1.6.14beta04 [September 27, 2014]
Fixed incorrect handling of the iTXt compression flag in pngrutil.c
(bug report by Shunsaku Hirata). Bug was introduced in libpng-1.6.0.
Version 1.6.14beta05 [October 1, 2014]
Added "option READ_iCCP enables READ_COMPRESSED_TEXT" to pnglibconf.dfa
Version 1.6.14beta06 [October 5, 2014]
Removed unused "text_len" parameter from private function png_write_zTXt().
Conditionally compile some code in png_deflate_claim(), when
PNG_WARNINGS_SUPPORTED and PNG_ERROR_TEXT_SUPPORTED are disabled.
Replaced repeated code in pngpread.c with PNG_PUSH_SAVE_BUFFER_IF_FULL.
Added "chunk iTXt enables TEXT" and "chunk zTXt enables TEXT"
to pnglibconf.dfa.
Removed "option READ_COMPRESSED_TEXT enables READ_TEXT" from pnglibconf.dfa,
to make it possible to configure a libpng that supports iCCP but not TEXT.
Version 1.6.14beta07 [October 7, 2014]
Removed "option WRITE_COMPRESSED_TEXT enables WRITE_TEXT" from pnglibconf.dfa
Only mark text chunks as written after successfully writing them.
Version 1.6.14rc01 [October 15, 2014]
Fixed some typos in comments.
Version 1.6.14rc02 [October 17, 2014]
Changed png_convert_to_rfc_1123() to png_convert_to_rfc_1123_buffer()
in the manual, to reflect the change made in libpng-1.6.0.
Updated README file to explain that direct access to the png_struct
and info_struct members has not been permitted since libpng-1.5.0.
Version 1.6.14 [October 23, 2014]
No changes.
|
|
Version 1.6.13beta01 [July 4, 2014]
Quieted -Wsign-compare and -Wclobber compiler warnings in
contrib/pngminus/*.c
Added "(void) png_ptr;" where needed in contrib/gregbook to quiet
compiler complaints about unused pointers.
Split a long output string in contrib/gregbook/rpng2-x.c.
Added "PNG_SET_OPTION" requirement for sRGB chunk support to pnglibconf.dfa,
Needed for write-only support (John Bowler).
Changed "if defined(__ARM_NEON__)" to
"if (defined(__ARM_NEON__) || defined(__ARM_NEON))" (James Wu).
Fixed clang no-warning builds: png_digit was defined but never used.
Version 1.6.13beta02 [July 21, 2014]
Fixed an incorrect separator ("/" should be "\") in scripts/makefile.vcwin32
(bug report from Wolfgang S. Kechel). Bug was introduced in libpng-1.6.11.
Also fixed makefile.bc32, makefile.bor, makefile.msc, makefile.intel, and
makefile.tc3 similarly.
Version 1.6.13beta03 [August 3, 2014]
Removed scripts/makefile.elf. It has not worked since libpng-1.5.0beta14
due to elimination of the PNG_FUNCTION_EXPORT and PNG_DATA_EXPORT
definitions from pngconf.h.
Ensure that CMakeLists.txt makes the target "lib" directory before making
symbolic link into it (SourceForge bug report #226 by Rolf Timmermans).
Version 1.6.13beta04 [August 8, 2014]
Added opinion that the ECCN (Export Control Classification Number) for
libpng is EAR99 to the README file.
Eliminated use of "$<" in makefile explicit rules, when copying
$PNGLIBCONF_H_PREBUILT. This does not work on some versions of make;
bug introduced in libpng version 1.6.11.
Version 1.6.13rc01 [August 14, 2014]
Made "ccopts" agree with "CFLAGS" in scripts/makefile.hp* and makefile.*sunu
Version 1.6.13 [August 21, 2014]
No changes.
|
|
Version 1.6.12rc01 [June 6, 2014]
Relocated new code from 1.6.11beta06 in png.c to a point after the
declarations (Max Stepin).
Version 1.6.12rc02 [June 7, 2014]
Changed file permissions of contrib/tools/intgamma.sh,
test-driver, and compile from 0644 to 0755 (Cosmin).
Version 1.6.12rc03 [June 8, 2014]
Ensure "__has_attribute()" macro exists before trying to use it with
old clang compilers (MacPorts Ticket #43939).
Version 1.6.12 [June 12, 2014]
No changes.
|
|
Version 1.6.11beta01 [March 17, 2014]
Use "if (value != 0)" instead of "if (value)" consistently.
Changed ZlibSrcDir from 1.2.5 to 1.2.8 in projects/vstudio.
Moved configuration information from the manual to the INSTALL file.
Version 1.6.11beta02 [April 6, 2014]
Removed #if/#else/#endif from inside two pow() calls in pngvalid.c because
they were handled improperly by Portland Group's PGI-14.1 - PGI-14.3
when using its "__builtin_pow()" function.
Silence 'unused parameter' build warnings (Cosmin Truta).
$(CP) is now used alongside $(RM_F). Also, use 'copy' instead of 'cp'
where applicable, and applied other minor makefile changes (Cosmin).
Don't warn about invalid dimensions exceeding user limits (Cosmin).
Allow an easy replacement of the default pre-built configuration
header with a custom header, via the make PNGLIBCONF_H_PREBUILT
macro (Cosmin).
Version 1.6.11beta03 [April 6, 2014]
Fixed a typo in pngrutil.c, introduced in libpng-1.5.6, that interferes
with "blocky" expansion of sub-8-bit interlaced PNG files (Eric Huss).
Optionally use __builtin_bswap16() in png_do_swap().
Version 1.6.11beta04 [April 19, 2014]
Made progressive reading of interlaced images consistent with the
behavior of the sequential reader and consistent with the manual, by
moving some code out of the PNG_READ_INTERLACING_SUPPORTED blocks. The
row_callback now receives the proper pass number and unexpanded rows, when
png_combine_row() isn't built or used, and png_set_interlace_handling()
is not called.
Allow PNG_sRGB_PROFILE_CHECKING = (-1) to mean no sRGB profile checking.
Version 1.6.11beta05 [April 26, 2014]
Do not reject ICC V2 profiles that lack padding (Kai-Uwe Behrmann).
Relocated closing bracket of the sRGB profile test loop to avoid getting
"Not recognizing known sRGB profile that has been edited" warning for
ICC V2 profiles that lack the MD5 signature in the profile header.
Version 1.6.11beta06 [May 19, 2014]
Added PNG_SKIP_sRGB_CHECK_PROFILE choice for png_set_option().
Version 1.6.11rc01 [May 27, 2014]
No changes.
Version 1.6.11rc02 [June 3, 2014]
Test ZLIB_VERNUM instead of PNG_ZLIB_VERNUM in contrib/tools/pngfix.c
Version 1.6.11 [June 5, 2014]
No changes.
|
|
Version 1.6.10rc02 [February 28, 2014]
Removed unreachable return statement after png_chunk_error()
in pngrutil.c
Version 1.6.10rc03 [March 4, 2014]
Un-deprecated png_data_freer().
Version 1.6.10 [March 6, 2014]
|
|
This fixes CERT VU#684412 and CVE-2014-0333.
Version 1.6.10beta01 [February 9, 2014]
Backported changes from libpng-1.7.0beta30 and beta31:
Fixed a large number of instances where PNGCBAPI was omitted from
function definitions.
Added pngimage test program for png_read_png() and png_write_png()
with two new test scripts.
Removed dependence on !PNG_READ_EXPAND_SUPPORTED for calling
png_set_packing() in png_read_png().
Fixed combination of ~alpha with shift. On read invert alpha, processing
occurred after shift processing, which causes the final values to be
outside the range that should be produced by the shift. Reversing the
order on read makes the two transforms work together correctly and mirrors
the order used on write.
Do not read invalid sBIT chunks. Previously libpng only checked sBIT
values on write, so a malicious PNG writer could therefore cause
the read code to return an invalid sBIT chunk, which might lead to
application errors or crashes. Such chunks are now skipped (with
chunk_benign_error).
Make png_read_png() and png_write_png() prototypes in png.h depend
upon PNG_READ_SUPPORTED and PNG_WRITE_SUPPORTED.
Support builds with unsupported PNG_TRANSFORM_* values. All of the
PNG_TRANSFORM_* values are always defined in png.h and, because they
are used for both read and write in some cases, it is not reliable
to #if out ones that are totally unsupported. This change adds error
detection in png_read_image() and png_write_image() to do a
png_app_error() if the app requests something that cannot be done
and it adds corresponding code to pngimage.c to handle such options
by not attempting to test them.
Version 1.6.10beta02 [February 23, 2014]
Moved redefines of png_error(), png_warning(), png_chunk_error(),
and png_chunk_warning() from pngpriv.h to png.h to make them visible
to libpng-calling applications.
Moved OS dependent code from arm/arm_init.c, to allow the included
implementation of the ARM NEON discovery function to be set at
build-time and provide sample implementations from the current code in the
contrib/arm-neon subdirectory. The __linux__ code has also been changed to
compile and link on Android by using /proc/cpuinfo, and the old linux code
is in contrib/arm-neon/linux-auxv.c. The new code avoids POSIX and Linux
dependencies apart from opening /proc/cpuinfo and is C90 compliant.
Check for info_ptr == NULL early in png_read_end() so we don't need to
run all the png_handle_*() and depend on them to return if info_ptr == NULL.
This improves the performance of png_read_end(png_ptr, NULL) and makes
it more robust against future programming errors.
Check for __has_extension before using it in pngconf.h, to
support older Clang versions (Jeremy Sequoia).
Treat CRC error handling with png_set_crc_action(), instead of with
png_set_benign_errors(), which has been the case since libpng-1.6.0beta18.
Use a user warning handler in contrib/gregbook/readpng2.c instead of default,
so warnings will be put on stderr even if libpng has CONSOLE_IO disabled.
Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
after recognizing the IDAT chunk, which avoids an infinite loop while
reading a datastream whose first IDAT chunk is of zero-length.
This fixes CERT VU#684412 and CVE-2014-0333.
Don't recognize known sRGB profiles as sRGB if they have been hacked,
but don't reject them and don't issue a copyright violation warning.
Version 1.6.10beta03 [February 25, 2014]
Moved some documentation from png.h to libpng.3 and libpng-manual.txt
Minor editing of contrib/arm-neon/README and contrib/examples/*.c
Version 1.6.10rc01 [February 27, 2014]
Fixed typos in the manual and in scripts/pnglibconf.dfa (CFLAGS -> CPPFLAGS
and PNG_USR_CONFIG -> PNG_USER_CONFIG).
|
|
with very helpful upstream.
Changes:
Version 1.6.9beta01 [December 26, 2013]
Bookkeeping: Moved functions around (no changes). Moved transform
function definitions before the place where they are called so that
they can be masde static. Move the intrapixel functions and the
grayscale palette builder out of the png?tran.c files. The latter
isn't a transform function and is no longer used internally, and the
former MNG specific functions are better placed in pngread/pngwrite.c
Made transform implementation functions static. This makes the internal
functions called by png_do_{read|write}_transformations static. On an
x86-64 DLL build (Gentoo Linux) this reduces the size of the text
segment of the DLL by 1208 bytes, about 0.6%. It also simplifies
maintenance by removing the declarations from pngpriv.h and allowing
easier changes to the internal interfaces.
Rebuilt configure scripts with automake-1.14.1 and autoconf-2.69
in the tar distributions.
Version 1.6.9beta02 [January 1, 2014]
Added checks for libpng 1.5 to pngvalid.c. This supports the use of
this version of pngvalid in libpng 1.5
Merged with pngvalid.c from libpng-1.7 changes to create a single
pngvalid.c
Removed #error macro from contrib/tools/pngfix.c (Thomas Klausner).
Merged pngrio.c, pngtrans.c, pngwio.c, and pngerror.c with libpng-1.7.0
Merged libpng-1.7.0 changes to make no-interlace configurations work
with test programs.
Revised pngvalid.c to support libpng 1.5, which does not support the
PNG_MAXIMUM_INFLATE_WINDOW option, so #define it out when appropriate in
pngvalid.c
Allow unversioned links created on install to be disabled in configure.
In configure builds 'make install' changes/adds links like png.h
and libpng.a to point to the newly installed, versioned, files (e.g.
libpng17/png.h and libpng17.a). Three new configure options and some
rearrangement of Makefile.am allow creation of these links to be disabled.
Version 1.6.9beta03 [January 10, 2014]
Removed potentially misleading warning from png_check_IHDR().
Version 1.6.9beta04 [January 20, 2014]
Updated scripts/makefile.* to use CPPFLAGS (Cosmin).
Added clang attribute support (Cosmin).
Version 1.6.9rc01 [January 28, 2014]
No changes.
Version 1.6.9rc02 [January 30, 2014]
Quiet an uninitialized memory warning from VC2013 in png_get_png().
Version 1.6.9 [February 6, 2014]
|
|
Version 1.6.8beta01 [November 24, 2013]
Moved prototype for png_handle_unknown() in pngpriv.h outside of
the #ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED/#endif block.
Added "-Wall" to CFLAGS in contrib/pngminim/*/makefile
Conditionally compile some unused functions reported by -Wall in
pngminim.
Fixed 'minimal' builds. Various obviously useful minimal configurations
don't build because of missing contrib/libtests test programs and
overly complex dependencies in scripts/pnglibconf.dfa. This change
adds contrib/conftest/*.dfa files that can be used in automatic build
scripts to ensure that these configurations continue to build.
Enabled WRITE_INVERT and WRITE_PACK in contrib/pngminim/encoder.
Fixed pngvalid 'fail' function declaration on the Intel C Compiler.
This reverts to the previous 'static' implementation and works round
the 'unused static function' warning by using PNG_UNUSED().
Version 1.6.8beta02 [November 30, 2013]
Removed or marked PNG_UNUSED some harmless "dead assignments" reported
by clang scan-build.
Changed tabs to 3 spaces in png_debug macros and changed '"%s"m'
to '"%s" m' to improve portability among compilers.
Changed png_free_default() to free() in pngtest.c
Version 1.6.8rc01 [December 12, 2013]
Tidied up pngfix inits and fixed pngtest no-write builds.
Version 1.6.8rc02 [December 14, 2013]
Handle zero-length PLTE chunk or NULL palette with png_error()
instead of png_chunk_report(), which by default issues a warning
rather than an error, leading to later reading from a NULL pointer
(png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
and VU#650142.
Version 1.6.8 [December 19, 2013]
|
|
|
|
Version 1.6.7beta01 [September 30, 2013]
Revised unknown chunk code to correct several bugs in the NO_SAVE_/NO_WRITE
combination
Allow HANDLE_AS_UNKNOWN to work when other options are configured off. Also
fixed the pngminim makefiles to work when $(MAKEFLAGS) contains stuff
which terminates the make options (as by default in recent versions of
Gentoo).
Avoid up-cast warnings in pngvalid.c. On ARM the alignment requirements of
png_modifier are greater than that of png_store and as a consequence
compilation of pngvalid.c results in a warning about increased alignment
requirements because of the bare cast to (png_modifier*). The code is safe,
because the pointer is known to point to a stack allocated png_modifier,
but this change avoids the warning.
Fixed default behavior of ARM_NEON_API. If the ARM NEON API option was
compiled without the CHECK option it defaulted to on, not off.
Check user callback behavior in pngunknown.c. Previous versions compiled
if SAVE_UNKNOWN was not available but did nothing since the callback
was never implemented.
Merged pngunknown.c with 1.7 version and back ported 1.7 improvements/fixes
Version 1.6.7beta02 [October 12, 2013]
Made changes for compatibility with automake 1.14:
1) Added the 'compile' program to the list of programs that must be cleaned
in autogen.sh
2) Added 'subdir-objects' which causes .c files in sub-directories to be
compiled such that the corresponding .o files are also in the
sub-directory. This is because automake 1.14 warns that the
current behavior of compiling to the top level directory may be removed
in the future.
3) Updated dependencies on pnglibconf.h to match the new .o locations and
added all the files in contrib/libtests and contrib/tools that depend
on pnglibconf.h
4) Added 'BUILD_SOURCES = pnglibconf.h'; this is the automake recommended
way of handling the dependencies of sources that are machine generated;
unfortunately it only works if the user does 'make all' or 'make check',
so the dependencies (3) are still required.
Cleaned up (char*) casts of zlib messages. The latest version of the Intel C
compiler complains about casting a string literal as (char*), so copied the
treatment of z_const from the library code into pngfix.c
Simplified error message code in pngunknown. The simplification has the
useful side effect of avoiding a bogus warning generated by the latest
version of the Intel C compiler (it objects to
condition ? string-literal : string-literal).
Make autogen.sh work with automake 1.13 as well as 1.14. Do this by always
removing the 1.14 'compile' script but never checking for it.
Version 1.6.7beta03 [October 19, 2013]
Added ARMv8 support (James Yu <james.yu at linaro.org>). Added file
arm/filter_neon_intrinsics.c; enable with -mfpu=neon.
Revised pngvalid to generate size images with as many filters as it can
manage, limited by the number of rows.
Cleaned up ARM NEON compilation handling. The tests are now in pngpriv.h
and detect the broken GCC compilers.
Version 1.6.7beta04 [October 26, 2013]
Allow clang derived from older GCC versions to use ARM intrinsics. This
causes all clang builds that use -mfpu=neon to use the intrinsics code,
not the assembler code. This has only been tested on iOS 7. It may be
necessary to exclude some earlier clang versions but this seems unlikely.
Changed NEON implementation selection mechanism. This allows assembler
or intrinsics to be turned on at compile time during the build by defining
PNG_ARM_NEON_IMPLEMENTATION to the correct value (2 or 1). This macro
is undefined by default and the build type is selected in pngpriv.h.
Version 1.6.7rc01 [November 2, 2013]
No changes.
Version 1.6.7rc02 [November 7, 2013]
Fixed #include in filter_neon_intrinsics.c and ctype macros. The ctype char
checking macros take an unsigned char argument, not a signed char.
Version 1.6.7 [November 14, 2013]
|
|
Version 1.6.6 [September 16, 2013]
Removed two stray lines of code from arm/arm_init.c, again.
|
|
libpng-1.6.5 has been released, to remove two stray lines in arm/arm_init.c
that caused libpng to fail to compile when ARM support is enabled. This
problem was apparently due to a cut-and-paste error of some sort on my part.
|
|
Changes since the last public release (1.6.3):
Added information about png_set_options() to the manual.
Delay calling png_init_filter_functions() until a row with nonzero filter
is found.
Fixed inconsistent conditional compilation of png_chunk_unknown_handling()
prototype, definition, and usage. Made it depend on
PNG_HANDLE_AS_UNKNOWN_SUPPORTED everywhere.
|
|
Changes since the last public release (1.6.2):
Revised stack marking in arm/filter_neon.S and configure.ac.
Ensure that NEON filter stuff is completely disabled when switched 'off'.
Previously the ARM NEON specific files were still built if the option
was switched 'off' as opposed to being explicitly disabled.
Test for 'arm*' not just 'arm' in the host_cpu configure variable.
Rebuilt the configure scripts.
Expanded manual paragraph about writing private chunks, particularly
the need to call png_set_keep_unknown_chunks() when writing them.
Avoid dereferencing NULL pointer possibly returned from
png_create_write_struct() (Andrew Church).
Calculate our own zlib windowBits when decoding rather than trusting the
CMF bytes in the PNG datastream.
Added an option to force maximum window size for inflating, which was
the behavior of libpng15 and earlier.
Added png-fix-itxt and png-fix-too-far-back to the built programs and
removed warnings from the source code and timepng that are revealed as
a result.
Detect wrong libpng versions linked to png-fix-too-far-back, which currently
only works with libpng versions that can be made to reliably fail when
the deflate data contains an out-of-window reference. This means only
1.6 and later.
Fixed gnu issues: g++ needs a static_cast, gcc 4.4.7 has a broken warning
message which it is easier to work round than ignore.
Updated contrib/pngminus/pnm2png.c (Paul Stewart):
Check for EOF
Ignore "#" delimited comments in input file to pnm2png.c.
Fixed whitespace handling
Added a call to png_set_packing()
Initialize dimension values so if sscanf fails at least we have known
invalid values.
Attempt to detect configuration issues with png-fix-too-far-back, which
requires both the correct libpng and the correct zlib to function
correctly.
Check ZLIB_VERNUM for mismatches, enclose #error in quotes
Added information in the documentation about problems with and fixes for
the bad CRC and bad iTXt chunk situations.
Allow contrib/pngminus/pnm2png.c to compile without WRITE_INVERT and
WRITE_PACK supported (writes error message that it can't read P1 or
Improved png-fix-too-far-back usage message, added --suffix option.
Revised contrib/pngminim/*/makefile to generate pnglibconf.h with the
right zlib header files.
Separated CPPFLAGS and CFLAGS in contrib/pngminim/*/makefile
Removed a redundant test in png_set_IHDR().
Added set(CMAKE_CONFIGURATION_TYPES ...) to CMakeLists.txt (Andrew Hundt)
Deleted set(CMAKE_BUILD_TYPE) block from CMakeLists.txt
Enclose the prototypes for the simplified write API in
#ifdef PNG_STDIO_SUPPORTED/#endif
Make ARM NEON support work at compile time (not just configure time).
This moves the test on __ARM_NEON__ into pngconf.h to avoid issues when
using a compiler that compiles for multiple architectures at one time.
Removed PNG_FILTER_OPTIMIZATIONS and PNG_ARM_NEON_SUPPORTED from
pnglibconf.h, allowing more of the decisions to be made internally
(pngpriv.h) during the compile. Without this, symbol prefixing is broken
under certain circumstances on ARM platforms. Now only the API parts of
the optimizations ('check' vs 'api') are exposed in the public header files
except that the new setting PNG_ARM_NEON_OPT documents how libpng makes the
decision about whether or not to use the optimizations.
Protect symbol prefixing against CC/CPPFLAGS/CFLAGS useage.
Previous iOS/Xcode fixes for the ARM NEON optimizations moved the test
on __ARM_NEON__ from configure time to compile time. This breaks symbol
prefixing because the definition of the special png_init_filter_functions
call was hidden at configure time if the relevant compiler arguments are
passed in CFLAGS as opposed to CC. This change attempts to avoid all
the confusion that would result by declaring the init function even when
it is not used, so that it will always get prefixed.
Revised libpng.3 so that "doclifter" can process it.
Revised example.c to illustrate use of PNG_DEFAULT_sRGB and
PNG_GAMMA_MAC_18
as parameters for png_set_gamma(). These have been available since
libpng-1.5.4.
Renamed contrib/tools/png-fix-too-far-back.c to pngfix.c and revised it
to check all compressed chunks known to libpng.
Updated documentation to show default behavior of benign errors correctly.
Only compile ARM code when PNG_READ_SUPPORTED is defined.
Fixed undefined behavior in contrib/tools/pngfix.c and added new strip
option. pngfix relied on undefined behavior and even a simple change from
gcc to g++ caused it to fail. The new strip option 'unsafe' has been
implemented and is the default if --max is given. Option names have
been clarified, with --strip=transform now stripping the bKGD chunk,
which was stripped previously with --strip=unused.
Added all documented chunk types to pngpriv.h
Unified pngfix.c source with libpng17.
Revised manual about changes in iTXt chunk handling made in libpng-1.6.0.
Added "/* SAFE */" comments in pngrutil.c and pngrtran.c where warnings
may be erroneously issued by code-checking applications.
|
|
Version 1.6.2rc01 [April 18, 2013]
Added contrib/tools/fixitxt.c, to repair the erroneous iTXt chunk length
written by libpng-1.6.0 and 1.6.1.
Disallow storing sRGB information when the sRGB is not supported.
Version 1.6.2rc02 [April 18, 2013]
Merge pngtest.c with libpng-1.7.0
Version 1.6.2rc03 [April 22, 2013]
Trivial spelling cleanup.
Version 1.6.2rc04 and 1.6.2rc05 [omitted]
Version 1.6.2rc06 [April 24, 2013]
Reverted to version 1.6.2rc03. Recent changes to arm/neon support
have been ported to libpng-1.7.0beta09 and will reappear in version
1.6.3beta01.
|
|
Version 1.6.2beta01 [April 14, 2013]
Updated documentation of 1.5.x to 1.6.x changes in iCCP chunk handling.
Fixed incorrect warning of excess deflate data. End condition - the
warning would be produced if the end of the deflate stream wasn't read
in the last row. The warning is harmless.
Corrected the test on user transform changes on read. It was in the
png_set of the transform function, but that doesn't matter unless the
transform function changes the rowbuf size, and that is only valid if
transform_info is called.
Corrected a misplaced closing bracket in contrib/libtests/pngvalid.c
(Flavio Medeiros).
Corrected length written to uncompressed iTXt chunks (Samuli Suominen).
|
|
Version 1.6.1beta06 [March 4, 2013]
Better documentation of unknown handling API interactions.
Corrected Android builds and corrected libpng.vers with symbol
prefixing This adds an API to set optimization options externally,
providing an alternative and general solution for the non-portable
run-time tests used by the ARM Neon code. It also makes those tests
compile and link on Android.
The order of settings vs options in pnglibconf.h is reversed to allow
settings to depend on options and options can now set (or override) the
defaults for settings.
Version 1.6.1beta07 [March 7, 2013]
Corrected simplified API default gamma for color-mapped output, added
a flag to change default. In 1.6.0 when the simplified API was used
to produce color-mapped output from an input image with no gamma
information the gamma assumed for the input could be different from
that assumed for non-color-mapped output. In particular 16-bit depth
input files were assumed to be sRGB encoded, whereas in the 'direct'
case they were assumed to have linear data. This was an error. The
fix makes the simplified API treat all input files the same way and
adds a new flag to the png_image::flags member to allow the
application/user to specify that 16-bit files contain sRGB data
rather than the default linear.
Fixed bugs in the pngpixel and makepng test programs.
Version 1.6.1beta08 [March 7, 2013]
Fixed CMakelists.txt to allow building a single variant of the library
(Claudio Bley):
Introduced a PNG_LIB_TARGETS variable that lists all activated library
targets. It is an error if this variable ends up empty, ie. you have
to build at least one library variant.
Made the *_COPY targets only depend on library targets actually being build.
Use PNG_LIB_TARGETS to unify a code path.
Changed the CREATE_SYMLINK macro to expect the full path to a file as the
first argument. When symlinking the filename component of that path is
determined and used as the link target.
Use copy_if_different in the CREATE_SYMLINK macro.
Version 1.6.1beta09 [March 13, 2013]
Eliminated two warnings from the Intel C compiler. The warnings are
technically valid, although a reasonable treatment of division would
show it to be incorrect.
Version 1.6.1rc01 [March 21, 2013]
No changes.
Version 1.6.1 [March 28, 2013]
No changes.
|
|
ImageMagick).
Version 1.6.1beta01 [February 16, 2013]
Made symbol prefixing work with the ARM neon optimizations. Also allow
pngpriv.h to be included for preprocessor definitions only, so it can
be used in non-C/C++ files. Back ported from libpng 1.7.
Made sRGB check numbers consistent.
Ported libpng 1.5 options.awk/dfn file handling to 1.6, fixed one bug.
Removed cc -E workround, corrected png_get_palette_max API Tested on
SUN OS cc 5.9, which demonstrates the tokenization problem previously
avoided by using /lib/cpp. Since all .dfn output is now protected in
double quotes unless it is to be macro substituted the fix should
work everywhere.
Enabled parallel tests - back ported from libpng-1.7.
scripts/pnglibconf.dfa formatting improvements back ported from libpng17.
Fixed a race condition in the creation of the build 'scripts' directory
while building with a parallel make.
Use approved/supported Android method to check for NEON, use Linux/POSIX
1003.1 API to check /proc/self/auxv avoiding buffer allocation and other
library calls (ported from libpng15).
Version 1.6.1beta02 [February 19, 2013]
Use parentheses more consistently in "#if defined(MACRO)" tests.
Folded long lines.
Reenabled code to allow zero length PLTE chunks for MNG.
Version 1.6.1beta03 [February 22, 2013]
Fixed ALIGNED_MEMORY support.
Allow run-time ARM NEON checking to be disabled. A new configure option:
--enable-arm-neon=always will stop the run-time checks. New checks
within arm/arm_init.c will cause the code not to be compiled unless
__ARM_NEON__ is set. This should make it fail safe (if someone asks
for it on then the build will fail if it can't be done.)
Updated the INSTALL document.
Version 1.6.1beta04 [February 27, 2013]
Revised INSTALL to recommend using CPPFLAGS instead of INCLUDES.
Revised scripts/makefile.freebsd to respect ZLIBLIB and ZLIBINC.
Revised scripts/dfn.awk to work with the buggy MSYS awk that has trouble
with CRLF line endings.
Version 1.6.1beta05 [March 2, 2013]
Avoid a possible memory leak in contrib/gregbook/readpng.c
Fixed bug introduced in libpng-1.6.0beta28 that causes libpng to handle chunks
even when they have been tagged PNG_HANDLE_CHUNK_NEVER.
|
|
This release adds a "simplified API" and removes some features
that have been deprecated since libpng.1.5.x.
Changes to Libpng from version 1.5.x to 1.6.x:
A "simplified API" has been added (see documentation in png.h and a simple
example in contrib/examples/pngtopng.c). The new publicly visible API
includes the following:
macros:
PNG_FORMAT_*
PNG_IMAGE_*
structures:
png_control
png_image
read functions
png_image_begin_read_from_file()
png_image_begin_read_from_stdio()
png_image_begin_read_from_memory()
png_image_finish_read()
png_image_free()
write functions
png_image_write_to_file()
png_image_write_to_stdio()
Starting with libpng-1.6.0, you can configure libpng to prefix all exported
symbols, using the PNG_PREFIX macro.
We no longer include string.h in png.h. The include statement has been moved
to pngpriv.h, where it is not accessible by applications. Applications that
need access to information in string.h must add an '#include "string.h"'
directive. It does not matter whether this is placed prior to or after
the '"#include png.h"' directive.
The following API are now DEPRECATED:
png_info_init_3()
png_convert_to_rfc1123() which has been replaced
with png_convert_to_rfc1123_buffer()
png_data_freer()
png_malloc_default()
png_free_default()
png_reset_zstream()
The following has been removed:
png_get_io_chunk_name(), which has been replaced
with png_get_io_chunk_type(). The new
function returns a 32-bit integer instead of
a string.
The png_sizeof(), png_strlen(), png_memcpy(), png_memcmp(), and
png_memset() macros are no longer used in the libpng sources and
have been removed. These had already been made invisible to
applications
(i.e., defined in the private pngpriv.h header file) since
libpng-1.5.0.
The signatures of many exported functions were changed, such that
png_structp became png_structrp or png_const_structrp
png_infop became png_inforp or png_const_inforp
where "rp" indicates a "restricted pointer".
Error detection in some chunks has improved; in particular the iCCP chunk
reader now does pretty complete validation of the basic format. Some bad
profiles that were previously accepted are now rejected, in particular the
very old broken Microsoft/HP sRGB profile.
The library now issues a warning if both background processing and RGB to
gray are used when gamma correction happens. As with previous versions of
the library the results are numerically very incorrect in this case.
There are some minor arithmetic changes in some transforms such as
png_set_background(), that might be detected by certain regression tests.
Unknown chunk handling has been improved internally, without any API change.
This adds more correct option control of the unknown handling, corrects
a pre-existing bug where the per-chunk 'keep' setting is ignored, and makes
it possible to skip IDAT chunks in the sequential reader.
|
|
Changes since the last public release (1.5.13):
Added -DZ_SOLO to contrib/pngminim/*/makefile to work with zlib-1.2.7
Warn about the incorrect runtime library setting for VS2010 debug DLL builds.
Fixed build when using #define PNG_NO_READ_GAMMA in png_do_compose() in
pngrtran.c (Domani Hannes).
Check for png_ptr==NULL earlier in png_zalloc().
Ignore, with a warning, out-of-range value of num_trans in png_set_tRNS().
Rearranged building of ARM NEON optimizations. The ARM specific code is
split out entirely to the arm subdirectory and changes to configure.acand
Makefile.am to add new stuff are reduced. Now material code changes,
although for build test purposes, --enable-arm-neon now builds on non-ARM
systems.
Rebuilt Makefile.in, configure, etc., with autoconf-2.69 and automake-1.12.5.
Fixed cases of unquoted DESTDIR in Makefile.am
Fixed a minor bug in types to malloc and major bug in handling compressed
iTXt. Compressed iTXt could not be handled.
Cleaned up whitespace in the synopsis portion of the manpage "libpng.3"
Disassembled the version number in scripts/options.awk (necessary for
building on SunOs).
Fixed Windows build issues, enabled ARM compilation. Various warnings issued
by earlier versions of GCC fixed for Cygwin and Min/GW (which both use old
GCCs.) ARM support is enabled by default in zlib.props (unsupported by
Microsoft) and ARM compilation is made possible by deleting the check for
x86. The test programs cannot be run because they are not signed.
Fixed 'make distcheck' on SUN OS - libpng.so was not being removed
Replaced AM_CONFIG_HEADER(config.h) with AC_CONFIG_HEADERS([config.h])
in configure.ac
De-configured build fixes to make a range of deconfiguration options (such
as switching off read or write support) work in more cases. Also upgraded
pngtest and pngvalid to the libpng 1.6 versions (with some modifications)
which provide more extensive testing. Replaced pngtest.png because pngtest
writes the ancillary chunks in a different order.
Check validity of "num_unknowns" parameter of png_set_unknown_chunks()
(Bug report from yuris).
Check the validity of the "nentries" parameter of png_set_sPLT() and the
"num_text" parameter of png_set_text_2().
|
|
Version 1.5.13beta01 [August 8, 2012]
Do not compile PNG_DEPRECATED, PNG_ALLOC and PNG_PRIVATE when __GNUC__ < 3.
Removed references to png_zalloc() and png_zfree() from the manual.
Revised PNG_FP_EXPORT and PNG_FIXED_EXPORT macros to avoid generating
lone semicolons (patch ported from libpng-1.6.0beta11).
Version 1.5.13beta02 [September 10, 2012]
Corrected handling of the image array and the row_pointers array in example.c
When png_set_filler is used to strip a filler channel during write, the
code prior to 1.5 would ignore the case where the output required an
alpha channel or when the output was a palettized PNG. In libpng-1.5 the
ignorance was lost and libpng proceeded to strip the channel resulting
in a bad (potential memory overwrite) failure later. This reverts
the behavior to the pre-1.5 state but issues a warning. libpng-1.6 is
expected to issue an error on the erroneous png_set_filler call.
Use png_memset() consistently (pngmem.c contained some bare "memset" calls).
Version 1.5.13rc01 [September 17, 2012]
No changes.
Version 1.5.13 [September 27, 2012]
No changes.
|
|
Removed scripts/makefile.cegcc from the *.zip and *.7z distributions; it
depends on configure, which is not included in those archives.
Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386.
I don't see CVS-2012-3386 as a vulnerability that applies to pkgsrc,
since to trigger it, you have to run 'make distcheck', and pkgsrc
never does that.
|
|
Version 1.5.11beta01 [April 28, 2012]
Revised scripts/makefile.darwin: use system zlib; remove quotes around
architecture list; add missing ppc architecture; add architecture options
to shared library link; don't try to create a shared lib based on missing
RELEASE variable.
Enable png_set_check_for_invalid_index() for both read and write.
Removed #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED/#endif in pngpriv.h around
declaration of png_handle_unknown().
Added -lssp_nonshared in a comment in scripts/makefile.freebsd
and changed deprecated NOOBJ and NOPROFILE to NO_OBJ and NO_PROFILE.
Version 1.5.11rc01 [May 23, 2012]
No changes.
Version 1.5.11rc02 [May 29, 2012]
Fixed some typos in comments.
Revised CMakeLists.txt to not attempt to make a symlink under mingw.
Added two images to contrib/pngsuite (1-bit and 2-bit transparent grayscale),
and renamed three whose names were inconsistent with those in
pngsuite/README.txt.
Version 1.5.11rc03 [June 4, 2012]
Do not depend upon a GCC feature macro being available for use in generating
the linker mapfile symbol prefix.
Made fixes for new optimization warnings from gcc 4.7.0. The compiler
performed an optimization which is safe but then warned about it.
Changing the type of 'palette_number' in pngvalid.c removes the warning.
Version 1.5.11rc04 [June 6, 2012]
Improved performance of new do_check_palette_indexes() function.
Version 1.5.11rc05 [June 7, 2012]
Don't check palette indexes if num_palette is 0 (as it can be in MNG files).
Version 1.5.11 [June 14, 2012]
Include zlib.h in contrib/gregbook and contrib/visupng examples.
|
|
Version 1.5.10beta01 [February 24, 2012]
Removed two useless #ifdef directives from pngread.c and one from pngrutil.c
Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case).
Removed empty vstudio/pngstest directory (Clifford Yapp).
Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from
pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
now that png_ptr->buffer is inaccessible to applications, the special
handling is no longer useful.
Fixed bug with png_handle_hIST with odd chunk length (Frank Busse).
Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h
to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure
command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h.
Revised the SAFE_LIMITS feature to be the same as the feature in libpng16.
Added information about the new limits in the manual.
Version 1.5.10beta02 [February 27, 2012]
Updated Makefile.in
Version 1.5.10beta03 [March 6, 2012]
Removed unused "current_text" members of png_struct and the png_free()
of png_ptr->current_text from pngread.c
Added palette-index checking. Issue a png_warning() if an invalid index is
found.
Version 1.5.10beta04 [March 10, 2012]
Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition.
Fixed CMF optimization of non-IDAT compressed chunks, which was added at
libpng-1.5.4. It sometimes produced too small of a window.
Version 1.5.10beta05 [March 10, 2012]
Reject all iCCP chunks after the first, even if the first one is invalid.
Issue a png_benign_error() instead of png_warning() about bad palette index.
Fixed an off-by-one error in the palette index checking function.
Revised example.c to put text strings in a temporary character array
instead of directly assigning string constants to png_textp members.
This avoids compiler warnings when -Wwrite-strings is enabled.
Version 1.5.10 [March 29, 2012]
Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice.
Revised png_set_text_2() to avoid potential memory corruption (fixes
CVE-2011-3048).
|
|
following suggestions from upstream.
Bump PKGREVISION.
|
|
version 1.5.9rc01 except of the minor detail that you can actually
fetch the distfile.
|
|
Version 1.5.9beta01 [February 3, 2012]
Rebuilt configure scripts in the tar distributions.
Version 1.5.9beta02 [February 16, 2012]
Removed two unused definitions from scripts/pnglibconf.h.prebuilt
Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h
Version 1.5.9rc01 [February 17, 2012]
Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test
on iCCP chunk length. Also removed spurious casts that may hide problems
on 16-bit systems.
|
|
size calculation (2011-3026), patch from Chromium via Redhat/Debian
bump PKGREV
|
|
Version 1.5.8beta01 [January 15, 2011]
Removed '#include config.h"' from contrib/libtests/pngvalid.c. It's not
needed and causes trouble for VPATH building.
Moved AC_MSG_CHECKING([if libraries can be versioned]) later to the proper
location in configure.ac (Gilles Espinasse).
Fix bug in pngerror.c: some long warnings were being improperly truncated
(bug introduced in libpng-1.5.3beta05).
Version 1.5.8rc01 [January 21, 2012]
No changes.
Version 1.5.8rc02 [January 25, 2012]
Fixed Min/GW uninstall to remove libpng.dll.a
Conditionalize the install rules for MINGW and CYGWIN in CMakeLists.txt
|
|
Changes since the last public release (1.5.6):
Added support for ARM processor (Mans Rullgard)
Fixed bug in pngvalid on early allocation failure; fixed type cast in
pngmem.c; pngvalid would attempt to call png_error() if the allocation
of a png_struct or png_info failed. This would probably have led to a
crash. The pngmem.c implementation of png_malloc() included a cast
to png_size_t which would fail on large allocations on 16-bit systems.
Fix for the preprocessor of the Intel C compiler. The preprocessor
splits adjacent @ signs with a space; this changes the concatentation
token from @-@-@ to PNG_JOIN; that should work with all compiler
preprocessors.
Paeth filter speed improvements from work by Siarhei Siamashka. This
changes the 'Paeth' reconstruction function to improve the GCC code
generation on x86. The changes are only part of the suggested ones;
just the changes that definitely improve speed and remain simple.
The changes also slightly increase the clarity of the code.
Check compression_type parameter in png_get_iCCP and remove spurious
casts. The compression_type parameter is always assigned to, so must
be non-NULL. The cast of the profile length potentially truncated the
value unnecessarily on a 16-bit int system, so the cast of the (byte)
compression type to (int) is specified by ANSI-C anyway.
Fixed FP division by zero in pngvalid.c; the 'test_pixel' code left
the sBIT fields in the test pixel as 0, which resulted in a floating
point division by zero which was irrelevant but causes systems where
FP exceptions cause a crash. Added code to pngvalid to turn on FP
exceptions if the appropriate glibc support is there to ensure this is
tested in the future.
Added versioning to pnglibconf.h comments.
Installed more accurate linear to sRGB conversion tables. The slightly
modified tables reduce the number of 16-bit values that
convert to an off-by-one 8-bit value. The "makesRGB.c" code that was used
to generate the tables is now in a contrib/sRGBtables sub-directory.
Added run-time detection of NEON support.
Multiple transform bug fixes plus a work-round for double gamma correction.
libpng does not support more than one transform that requires linear data
at once - if this is tried typically the results is double gamma
correction. Since the simplified APIs can need rgb to gray combined with
a compose operation it is necessary to do one of these outside the main
libpng transform code. This check-in also contains fixes to various bugs
in compose and rgb to gray (on palette).
Fixes for C++ compilation using g++ When libpng source is compiled
using g++. The compiler imposes C++ rules on the C source; thus it
is desireable to make the source work with either C or C++ rules
without throwing away useful error information. This change adds
png_voidcast to allow C semantic (void*) cases or the corresponding
C++ static_cast operation, as appropriate.
Added --noexecstack to assembler file compilation. GCC does not set
this on assembler compilation, even though it does on C compilation.
This creates security issues if assembler code is enabled; the
work-around is to set it by default in the flags for $(CCAS)
Removed "zTXt" from warning in generic chunk decompression function.
Validate time settings passed to pngset() and png_convert_to_rfc1123()
(Frank Busse).
Added MINGW support to CMakeLists.txt
Reject invalid compression flag or method when reading the iTXt chunk.
Moved pngvalid.c into contrib/libtests
Rebuilt Makefile.in, configure, etc., with autoconf-2.68
Replaced an "#if" with "#ifdef" in pngrtran.c
Revised #if PNG_DO_BC block in png.c (use #ifdef and add #else)
Revised pngconf.h to use " __declspec(restrict)" only when MSC_VER >= 1400,
as in libpng-1.5.4.
Put CRLF line endings in the owatcom project files.
Updated CMakeLists.txt to account for the relocation of pngvalid.c
Minor fixes to pngvalid.c for gcc 4.6.2 compatibility to remove warnings
reported by earlier versions.
|
|
Version 1.5.6beta01 [September 22, 2011]
Fixed some 64-bit type conversion warnings in pngrtran.c
Moved row_info from png_struct to a local variable.
The various interlace mask arrays have been made into arrays of
bytes and made PNG_CONST and static (previously some arrays were
marked PNG_CONST and some weren't).
Additional checks have been added to the transform code to validate the
pixel depths after the transforms on both read and write.
Removed some redundant code from pngwrite.c, in png_destroy_write_struct().
Changed chunk reading/writing code to use png_uint_32 instead of png_byte[4].
This removes the need to allocate temporary strings for chunk names on
the stack in the read/write code. Unknown chunk handling still uses the
string form because this is exposed in the API.
Version 1.5.6beta02 [September 26, 2011]
Added a note in the manual the png_read_update_info() must be called only
once with a particular info_ptr.
Fixed a typo in the definition of the new PNG_STRING_FROM_CHUNK(s,c) macro.
Version 1.5.6beta03 [September 28, 2011]
Revised test-pngtest.sh to report FAIL when pngtest fails.
Added "--strict" option to pngtest, to report FAIL when the failure is
only because the resulting valid files are different.
Revised CMakeLists.txt to work with mingw and removed some material from
CMakeLists.txt that is no longer useful in libpng-1.5.
Version 1.5.6beta04 [October 5, 2011]
Fixed typo in Makefile.in and Makefile.am ("-M Wl" should be "-M -Wl")."
Version 1.5.6beta05 [October 12, 2011]
Speed up png_combine_row() for interlaced images. This reduces the generality
of the code, allowing it to be optimized for Adam7 interlace. The masks
passed to png_combine_row() are now generated internally, avoiding
some code duplication and localizing the interlace handling somewhat.
Align png_struct::row_buf - previously it was always unaligned, caused by
a bug in the code that attempted to align it; the code needs to subtract
one from the pointer to take account of the filter byte prepended to
each row.
Optimized png_combine_row() when rows are aligned. This gains a small
percentage for 16-bit and 32-bit pixels in the typical case where the
output row buffers are appropriately aligned. The optimization was not
previously possible because the png_struct buffer was always misaligned.
Fixed bug in png_write_chunk_header() debug print, introduced in 1.5.6beta01.
Version 1.5.6beta06 [October 17, 2011]
Removed two redundant tests for unitialized row.
Fixed a relatively harmless memory overwrite in compressed text writing
with a 1 byte zlib buffer.
Add ability to call png_read_update_info multiple times to pngvalid.c.
Fixes for multiple calls to png_read_update_info. These fixes attend to
most of the errors revealed in pngvalid, however doing the gamma work
twice results in inaccuracies that can't be easily fixed. There is now
a warning in the code if this is going to happen.
Turned on multiple png_read_update_info in pngvalid transform tests.
Prevent libpng from overwriting unused bits at the end of the image when
it is not byte aligned, while reading. Prior to libpng-1.5.6 libpng would
overwrite the partial byte at the end of each row if the row width was not
an exact multiple of 8 bits and the image is not interlaced.
Version 1.5.6beta07 [October 21, 2011]
Made png_ptr->prev_row an aligned pointer into png_ptr->big_prev_row
(Mans Rullgard).
Version 1.5.6rc01 [October 26, 2011]
Changed misleading "Missing PLTE before cHRM" warning to "Out of place cHRM"
Version 1.5.6rc02 [October 27, 2011]
Added LSR() macro to defend against buggy compilers that evaluate non-taken
code branches and complain about out-of-range shifts.
Version 1.5.6rc03 [October 28, 2011]
Renamed the LSR() macro to PNG_LSR() and added PNG_LSL() macro.
Fixed compiler warnings with Intel and MSYS compilers. The logical shift
fix for Microsoft Visual C is required by other compilers, so this
enables that fix for all compilers when using compile-time constants.
Under MSYS 'byte' is a name declared in a system header file, so we
changed the name of a local variable to avoid the warnings that result.
Added #define PNG_ALIGN_TYPE PNG_ALIGN_NONE to contrib/pngminim/*/pngusr.h
Version 1.5.6 [November 3, 2011]
No changes.
|
|
|
|
Version 1.5.5beta01 [July 13, 2011]
Fixed some typos and made other minor changes in the manual.
Updated contrib/pngminus/makefile.std (Samuli Souminen)
Version 1.5.5beta02 [July 14, 2011]
Revised Makefile.am and Makefile.in to look in the right directory for
pnglibconf.h.prebuilt
Version 1.5.5beta03 [July 27, 2011]
Enabled compilation with g++ compiler. This compiler does not recognize
the file extension, so it always compiles with C++ rules. Made minor
changes to pngrutil.c to cast results where C++ expects it but C does not.
Minor editing of libpng.3 and libpng-manual.txt.
Version 1.5.5beta04 [July 29, 2011]
Revised CMakeLists.txt (Clifford Yapp)
Updated commentary about the png_rgb_to_gray() default coefficients
in the manual and in pngrtran.c
Version 1.5.5beta05 [August 17, 2011]
Prevent unexpected API exports from non-libpng DLLs on Windows. The "_DLL"
is removed from the test of whether a DLL is being built (this erroneously
caused the libpng APIs to be marked as DLL exports in static builds under
Microsoft Visual Studio). Almost all of the libpng building configuration
is moved from pngconf.h to pngpriv.h, but PNG_DLL_EXPORT remains in
pngconf.h, though, so that it is colocated with the import definition (it
is no longer used anywhere in the installed headers). The VStudio project
definitions have been cleaned up: "_USRDLL" has been removed from the
static library builds (this was incorrect), and PNG_USE_DLL has been added
to pngvalid to test the functionality (pngtest does not supply it,
deliberately). The spurious "_EXPORTS" has been removed from the
libpng build (all these errors were a result of copy/paste between project
configurations.)
Added new types and internal functions for CIE RGB end point handling to
pngpriv.h (functions yet to be implemented).
Version 1.5.5beta06 [August 26, 2011]
Ensure the CMAKE_LIBRARY_OUTPUT_DIRECTORY is set in CMakeLists.txt
(Clifford Yap)
Fixes to rgb_to_gray and cHRM XYZ APIs (John Bowler):
The rgb_to_gray code had errors when combined with gamma correction.
Some pixels were treated as true grey when they weren't and such pixels
and true grey ones were not gamma corrected (the original value of the
red component was used instead). APIs to get and set cHRM using color
space end points have been added and the rgb_to_gray code that defaults
based on cHRM, and the divide-by-zero bug in png_handle_cHRM (CERT
VU#477046, CVE-2011-3328, introduced in 1.5.4) have been corrected.
A considerable number of tests has been added to pngvalid for the
rgb_to_gray transform.
Arithmetic errors in rgb_to_gray whereby the calculated gray value was
truncated to the bit depth rather than rounded have been fixed except in
the 8-bit non-gamma-corrected case (where consistency seems more important
than correctness.) The code still has considerable inaccuracies in the
8-bit case because 8-bit linear arithmetic is used.
Version 1.5.5beta07 [September 7, 2011]
Added "$(ARCH)" option to makefile.darwin
Added SunOS support to configure.ac and Makefile.am
Changed png_chunk_benign_error() to png_warning() in png.c, in
png_XYZ_from_xy_checked().
Version 1.5.5beta08 [September 10, 2011]
Fixed 64-bit compilation errors (gcc). The errors fixed relate
to conditions where types that are 32 bits in the GCC 32-bit
world (uLong and png_size_t) become 64 bits in the 64-bit
world. This produces potential truncation errors that the
compiler correctly flags.
Relocated new HAVE_SOLARIS_LD definition in configure.ac
Constant changes for 64-bit compatibility (removal of L suffixes). The
16-bit cases still use "L" as we don't have a 16-bit test system.
Version 1.5.5rc01 [September 17, 2011]
Removed "L" suffixes from constants in pngpriv.h
Version 1.5.5 [September 22, 2011]
No changes.
|
|
Version 1.5.3beta11 [June 11, 2011]
Fixed png_handle_sCAL which is broken in 1.5; added sCAL to pngtest.png
Revised documentation about png_set_user_limits() to say that it also affects
png writing.
Revised handling of png_set_user_limits() so that it can increase the
limit beyond the PNG_USER_WIDTH|HEIGHT_MAX; previously it could only
reduce it.
Make the 16-to-8 scaling accurate. Dividing by 256 with no rounding is
wrong (high by one) 25% of the time. Dividing by 257 with rounding is
wrong in 128 out of 65536 cases. Getting the right answer all the time
without division is easy.
Added "_SUPPORTED" to the PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION macro.
Added projects/owatcom, an IDE project for OpenWatcom to replace
scripts/makefile.watcom. This project works with OpenWatcom 1.9. The
IDE autogenerates appropriate makefiles (libpng.mk) for batch processing.
The project is configurable, unlike the Visual Studio project, so long
as the developer has an awk.
Changed png_set_gAMA to limit the gamma value range so that the inverse
of the stored value cannot overflow the fixed point representation,
and changed other things OpenWatcom warns about.
Revised pngvalid.c to test PNG_ALPHA_MODE_SUPPORTED correctly. This allows
pngvalid to build when ALPHA_MODE is not supported, which is required if
it is to build on libpng 1.4.
Removed string/memory macros that are no longer used and are not
necessarily fully supportable, particularly png_strncpy and png_snprintf.
Added log option to pngvalid.c and attempted to improve gamma messages.
Version 1.5.3 [omitted]
People found the presence of a beta release following an rc release
to be confusing; therefore we bump the version to libpng-1.5.4beta01
and there will be no libpng-1.5.3 release.
Version 1.5.4beta01 [June 14, 2011]
Made it possible to undefine PNG_READ_16_TO_8_ACCURATE_SCALE_SUPPORTED
to get the same (inaccurate) output as libpng-1.5.2 and earlier.
Moved definitions of PNG_HAVE_IHDR, PNG_AFTER_IDAT, and PNG_HAVE_PLTE
outside of an unknown-chunk block in png.h because they are also
needed for other uses.
Version 1.5.4beta02 [June 14, 2011]
Fixed and clarified LEGACY 16-to-8 scaling code.
Added png_set_chop_16() API, to match inaccurate results from previous
libpng versions.
Removed the ACCURATE and LEGACY options (they are no longer useable)
Use the old scaling method for background if png_set_chop_16() was
called.
Made png_set_chop_16() API removeable by disabling PNG_CHOP_16_TO_8_SUPPORTED
Version 1.5.4beta03 [June 15, 2011]
Fixed a problem in png_do_expand_palette() exposed by optimization in
1.5.3beta06
Also removed a spurious and confusing "trans" member ("trans") from png_info.
The palette expand optimization prevented expansion to an intermediate RGBA
form if tRNS was present but alpha was marked to be stripped; this exposed
a check for tRNS in png_do_expand_palette() which is inconsistent with the
code elsewhere in libpng.
Correction to the expand_16 code; removed extra instance of
png_set_scale_16_to_8 from pngpriv.h
Version 1.5.4beta04 [June 16, 2011]
Added a missing "#ifdef PNG_READ_BACKGROUND_SUPPORTED/#endif" in pngrtran.c
Added PNG_TRANSFORM_CHOP_16 to the high-level read transforms.
Made PNG_READ_16_TO_8_ACCURATE_SCALE configurable again. If this is
not enabled, png_set_strip_16() and png_do_scale_16_to_8() aren't built.
Revised contrib/visupng, gregbook, and pngminim to demonstrate chop_16_to_8
Version 1.5.4beta05 [June 16, 2011]
Renamed png_set_strip_16() to png_set_scale_16() and renamed
png_set_chop_16() to png_set_strip(16) in an attempt to minimize the
behavior changes between libpng14 and libpng15.
Version 1.5.4beta06 [June 18, 2011]
Fixed new bug that was causing both strip_16 and scale_16 to be applied.
Version 1.5.4beta07 [June 19, 2011]
Fixed pngvalid, simplified macros, added checking for 0 in sCAL.
The ACCURATE scale macro is no longer defined in 1.5 - call the
png_scale_16_to_8 API. Made sure that PNG_READ_16_TO_8 is still defined
if the png_strip_16_to_8 API is present. png_check_fp_number now
maintains some state so that positive, negative and zero values are
identified. sCAL uses these to be strictly spec conformant.
Version 1.5.4beta08 [June 23, 2011]
Fixed pngvalid if ACCURATE_SCALE is defined.
Updated scripts/pnglibconf.h.prebuilt.
Version 1.5.4rc01 [June 30, 2011]
Define PNG_ALLOCATED to "restrict" only if MSC_VER >= 1400.
Version 1.5.4 [July 7, 2011]
no changes.
|
