Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libpng16-16-1.6.37-1.4 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: libpng16-16 Distribution: openSUSE Tumbleweed
Version: 1.6.37 Vendor: openSUSE
Release: 1.4 Build date: Wed Nov 27 00:04:15 2019
Group: System/Libraries Build host: obs-arm-1
Size: 264104 Source RPM: libpng16-1.6.37-1.4.src.rpm
Summary: Library for the Portable Network Graphics Format (PNG)
libpng is the official reference library for the Portable Network
Graphics format (PNG).






* Wed Apr 17 2019
  - make check actually works under asan
* Mon Apr 15 2019
  - version update to 1.6.37
    Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
    Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
    Fixed a memory leak in pngtest.c.
    Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
      contrib/pngminus; refactor.
    Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
      (Contributed by Willem van Schaik)
    Added makefiles for AddressSanitizer-enabled builds.
  - deleted patches
    - libpng-arm-free.patch (upstreamed)
* Mon Jan 28 2019 Petr Gajdos <>
  - fix arm build [bsc#1121829]
    + libpng-arm-free.patch
* Mon Jan 14 2019 Petr Gajdos <>
  - asan_build: build ASAN included
  - debug_build: build more suitable for debugging, install pngcp
* Mon Dec 31 2018 Petr Gajdos <>
  - update to 1.6.36:
    Replaced the remaining uses of png_size_t with size_t (Cosmin)
      Fixed the calculation of row_factor in png_check_chunk_length
      (reported by Thuan Pham in SourceForge issue #278)
      Added missing parentheses to a macro definition
      (suggested by "irwir" in GitHub issue #216)
      Optimized png_do_expand_palette for ARM processors.
      Improved performance by around 10-22% on a recent ARM Chromebook.
      (Contributed by Richard Townsend, ARM Holdings)
      Fixed manipulation of machine-specific optimization options.
      (Contributed by Vicki Pfau)
      Used memcpy instead of manual pointer arithmetic on Intel SSE2.
      (Contributed by Samuel Williams)
      Fixed build errors with MSVC on ARM64.
      (Contributed by Zhijie Liang)
      Fixed detection of libm in CMakeLists.
      (Contributed by Cameron Cawley)
      Fixed incorrect creation of pkg-config file in CMakeLists.
      (Contributed by Kyle Bentley)
      Fixed the CMake build on Windows MSYS by avoiding symlinks.
      Fixed a build warning on OpenBSD.
      (Contributed by Theo Buehler)
      Fixed various typos in comments.
      (Contributed by "luz.paz")
      Raised the minimum required CMake version from 3.0.2 to 3.1.
      Removed yet more of the vestigial support for pre-ANSI C compilers.
      Removed ancient makefiles for ancient systems that have been broken
      across all previous libpng-1.6.x versions.
      Removed the Y2K compliance statement and the export control
      Applied various code style and documentation fixes.
  - removed patches
    * libpng16-CVE-2018-13785.patch (upstreamed)
  - cannot find upstream tarball signature, asked upstream for
* Wed Aug 01 2018
  - security update:
    * CVE-2018-13785 [bsc#1100687]
      + libpng16-CVE-2018-13785.patch
* Mon Feb 05 2018
  - %{libname} package provides libpng = %{version} again
* Wed Jan 31 2018
  - check with -j1
* Tue Jan 30 2018
  - Fix SRPM group and grammar issues.
* Tue Jan 30 2018
  - removed obsoleted Obsoletes
* Sun Jan 28 2018
  - update to 1.6.34:
    * Removed contrib/pngsuite/i*.png; some of these were incorrect
      and caused test failures.
  - includes 1.6.33:
    * Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
      missing parenthesis in contrib/pngminus/pnm2png.c
    * Fixed off-by-one error in png_do_check_palette_indexes()
    * Initialize png_handler.row_ptr in
      to fix shortlived oss-fuzz issue 3234.
    * Compute a larger limit on IDAT because some applications write
      a deflate buffer for each row
    * Use current date (DATE) instead of release-date (RDATE) in last
      changed date of contrib/oss-fuzz files.
    * Enabled ARM support in CMakeLists.txt
    * Fixed incorrect typecast of some arguments to png_malloc() and
      png_calloc() that were png_uint_32 instead of png_alloc_size_t
    * Use pnglibconf.h.prebuilt when building for ANDROID with cmake
    * Initialize memory allocated by png_inflate to zero, using
      memset, to stop an oss-fuzz "use of uninitialized value"
      detection in png_set_text_2() due to truncated iTXt or zTXt
    * Initialize memory allocated by png_read_buffer to zero, using
      memset, to stop an oss-fuzz "use of uninitialized value"
      detection in png_icc_check_tag_table() due to truncated iCCP
    * Removed redundant tests
    * Added an interlaced version of each file in contrib/pngsuite.
    * Relocate new memset() call in pngrutil.c
    * Add support for loading images with associated alpha in the
      Simplified API
    * Revert contrib/oss-fuzz/ to libpng-1.6.32
    * Initialize png_handler.row_ptr in
    * Add end_info structure and png_read_end() to the libpng fuzzer
  - includes 1.6.32:
    * Avoid possible NULL dereference in png_handle_eXIf when
      benign_errors are allowed. Avoid leaking the input buffer
    * Eliminated png_ptr->num_exif member from pngstruct.h and added
      num_exif to arguments for png_get_eXIf() and png_set_eXIf().
    * Added calls to png_handle_eXIf(() in pngread.c and
      png_write_eXIf() in pngwrite.c, and made various other fixes
      to png_write_eXIf().
    * Changed name of png_get_eXIF and png_set_eXIf() to
      png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
      breaking API compatibility with libpng-1.6.31.
    * Updated contrib/libtests/pngunknown.c with eXIf chunk.
    * Initialized btoa[] in pngstest.c
    * Stop memory leak when returning from png_handle_eXIf() with an
    * Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
    * Update libpng.3 and libpng-manual.txt about eXIf functions.
    * Restored png_get_eXIf() and png_set_eXIf() to maintain API
    * Removed png_get_eXIf_1() and png_set_eXIf_1().
    * Check length of all chunks except IDAT against user limit to
      fix an OSS-fuzz issue (Fixes CVE-2017-12652)
    * Check length of IDAT against maximum possible IDAT size,
      accounting for height, rowbytes, interlacing and zlib/deflate
    * Restored png_get_eXIf_1() and png_set_eXIf_1(), because
      strlen(eXIf_buf) does not work (the eXIf chunk data can
      contain zeroes).
    * Revised symlink creation, no longer using deprecated cmake
      LOCATION feature
    * Fixed five-byte error in the calculation of IDAT maximum
      possible size.
    * Moved chunk-length check into a png_check_chunk_length()
      private function
    * Moved bad pngs from tests to contrib/libtests/crashers
    * Moved testing of bad pngs into a separate
      tests/pngtest-badpngs script
    * Added the --xfail (expected FAIL) option to pngtest.c. It
      writes XFAIL in the output but PASS for the libpng test.
    * Require cmake-3.0.2 in CMakeLists.txt
    * Fix "const" declaration info_ptr argument to png_get_eXIf_1()
      and the num_exif argument to png_get_eXIf_1()
    * Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
    * Added huge_IDAT.png and empty_ancillary_chunks.png to
    * Make pngtest --strict, --relax, --xfail options imply -m
    * Removed unused chunk_name parameter from png_check_chunk_length().
    * Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
    * Initialize profile_header[] in png_handle_iCCP() to fix
      OSS-fuzz issue.
    * Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
      OSS-fuzz UMR.
    * Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
    * Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
      to account for the minimum 'deflate' stream, and relocate the
      test to a point after the keyword has been read.
    * Check that the eXIf chunk has at least 2 bytes and begins with
      "II" or "MM".
    * Added a set of "huge_xxxx_chunk.png" files to
      contrib/testpngs/crashers, one for each known chunk type, with
      length = 2GB-1.
    * Check for 0 return from png_get_rowbytes() and added some
      (size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
      issues (162705, 162706, and 162707).
    * Renamed chunks in contrib/testpngs/crashers to avoid having
      files whose names differ only in case; this causes problems with
      some platforms
    * Added contrib/oss-fuzz directory which contains files used by
      the oss-fuzz project
  - cleanup with spec-cleaner



Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Feb 12 00:15:37 2020