Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libpng16-tools-1.6.40-150600.1.3 RPM for ppc64le

From OpenSuSE Leap 15.6 for ppc64le

Name: libpng16-tools Distribution: SUSE Linux Enterprise 15
Version: 1.6.40 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150600.1.3 Build date: Thu May 9 15:16:15 2024
Group: Unspecified Build host: nebbiolo
Size: 136520 Source RPM: libpng16-1.6.40-150600.1.3.src.rpm
Packager: https://www.suse.com/
Url: http://www.libpng.org/pub/png/libpng.html
Summary: Tools for Manipulating PNG Images
Package consists of low level tools for manipulating and fixing particular
PNG files.

Provides

Requires

License

libpng-2.0

Changelog

* Thu Jun 22 2023 [email protected]
  - Update to version 1.6.40:
    * Fixed the eXIf chunk multiplicity checks.
    * Fixed a memory leak in pCAL processing.
    * Corrected the validity report about tRNS inside png_get_valid().
    * Fixed various build issues on *BSD, Mac and Windows.
    * Updated the configurations and the scripts for continuous integration.
    * Cleaned up the code, the build scripts, and the documentation.
* Mon May 15 2023 [email protected]
  - do not use NEON instructions [bsc#1211176]
* Thu Apr 20 2023 [email protected]
  - Fix license tag to libpng-2.0.
* Wed Feb 01 2023 [email protected]
  - Fix build: some*.la files are symlinks. Adjust spec to use
    find -type f,l
* Wed Feb 01 2023 [email protected]
  - switch to pkgconfig(zlib) to allow alternative providers as well
  - build with glibc hwcaps optimized libs
* Fri Nov 25 2022 [email protected]
  - Update to version 1.6.39:
    * cmake: Default to PNG_ARM_NEON=off for arm targets.
    + Turn large PNG chunks into benign errors.
    + Update, rename and clean up various scripts.
    + tools: Fix a buffer overflow involving a file name in pngfix.
    + tools: Fix a memory leak in pngcp.
* Fri Sep 16 2022 [email protected]
  - update to 1.6.38:
    * Added configurations and scripts for continuous integration.
    * Fixed various errors in the handling of tRNS, hIST and eXIf.
    * Implemented many stability improvements across all platforms.
    * Updated the internal documentation.
* Wed May 04 2022 [email protected]
  - switch source url to https
* Thu May 06 2021 [email protected]
  - install rpm macros in %{_rpmmacrodir} [bsc#1185661]
  - call spec-cleaner
* Thu Mar 11 2021 [email protected]
  - enable hardware optimizations (such as SSE)
* Wed Apr 17 2019 [email protected]
  - make check actually works under asan
* Mon Apr 15 2019 [email protected]
  - version update to 1.6.37
    Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
    Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
    Fixed a memory leak in pngtest.c.
    Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
      contrib/pngminus; refactor.
    Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
      (Contributed by Willem van Schaik)
    Added makefiles for AddressSanitizer-enabled builds.
  - deleted patches
    - libpng-arm-free.patch (upstreamed)
  - fixes [bsc#1121624] CVE-2019-6129 and [bsc#1124211] CVE-2019-7317
* Mon Jan 28 2019 [email protected]
  - fix arm build [bsc#1121829]
    + libpng-arm-free.patch
* Mon Jan 14 2019 [email protected]
  - asan_build: build ASAN included
  - debug_build: build more suitable for debugging, install pngcp
* Mon Dec 31 2018 [email protected]
  - update to 1.6.36:
    Replaced the remaining uses of png_size_t with size_t (Cosmin)
      Fixed the calculation of row_factor in png_check_chunk_length
      (reported by Thuan Pham in SourceForge issue #278)
      Added missing parentheses to a macro definition
      (suggested by "irwir" in GitHub issue #216)
      Optimized png_do_expand_palette for ARM processors.
      Improved performance by around 10-22% on a recent ARM Chromebook.
      (Contributed by Richard Townsend, ARM Holdings)
      Fixed manipulation of machine-specific optimization options.
      (Contributed by Vicki Pfau)
      Used memcpy instead of manual pointer arithmetic on Intel SSE2.
      (Contributed by Samuel Williams)
      Fixed build errors with MSVC on ARM64.
      (Contributed by Zhijie Liang)
      Fixed detection of libm in CMakeLists.
      (Contributed by Cameron Cawley)
      Fixed incorrect creation of pkg-config file in CMakeLists.
      (Contributed by Kyle Bentley)
      Fixed the CMake build on Windows MSYS by avoiding symlinks.
      Fixed a build warning on OpenBSD.
      (Contributed by Theo Buehler)
      Fixed various typos in comments.
      (Contributed by "luz.paz")
      Raised the minimum required CMake version from 3.0.2 to 3.1.
      Removed yet more of the vestigial support for pre-ANSI C compilers.
      Removed ancient makefiles for ancient systems that have been broken
      across all previous libpng-1.6.x versions.
      Removed the Y2K compliance statement and the export control
      information.
      Applied various code style and documentation fixes.
  - removed patches
    * libpng16-CVE-2018-13785.patch (upstreamed)
  - cannot find upstream tarball signature, asked upstream for
    clarification
* Wed Aug 01 2018 [email protected]
  - security update:
    * CVE-2018-13785 [bsc#1100687]
      + libpng16-CVE-2018-13785.patch
* Mon Feb 05 2018 [email protected]
  - %{libname} package provides libpng = %{version} again
    [bsc#1079342]
* Wed Jan 31 2018 [email protected]
  - check with -j1
* Tue Jan 30 2018 [email protected]
  - Fix SRPM group and grammar issues.
* Tue Jan 30 2018 [email protected]
  - removed obsoleted Obsoletes
* Sun Jan 28 2018 [email protected]
  - update to 1.6.34:
    * Removed contrib/pngsuite/i*.png; some of these were incorrect
      and caused test failures.
  - includes 1.6.33:
    * Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
      missing parenthesis in contrib/pngminus/pnm2png.c
    * Fixed off-by-one error in png_do_check_palette_indexes()
    * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
      to fix shortlived oss-fuzz issue 3234.
    * Compute a larger limit on IDAT because some applications write
      a deflate buffer for each row
    * Use current date (DATE) instead of release-date (RDATE) in last
      changed date of contrib/oss-fuzz files.
    * Enabled ARM support in CMakeLists.txt
    * Fixed incorrect typecast of some arguments to png_malloc() and
      png_calloc() that were png_uint_32 instead of png_alloc_size_t
    * Use pnglibconf.h.prebuilt when building for ANDROID with cmake
    * Initialize memory allocated by png_inflate to zero, using
      memset, to stop an oss-fuzz "use of uninitialized value"
      detection in png_set_text_2() due to truncated iTXt or zTXt
      chunk.
    * Initialize memory allocated by png_read_buffer to zero, using
      memset, to stop an oss-fuzz "use of uninitialized value"
      detection in png_icc_check_tag_table() due to truncated iCCP
      chunk.
    * Removed redundant tests
    * Added an interlaced version of each file in contrib/pngsuite.
    * Relocate new memset() call in pngrutil.c
    * Add support for loading images with associated alpha in the
      Simplified API
    * Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
      state
    * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
    * Add end_info structure and png_read_end() to the libpng fuzzer
  - includes 1.6.32:
    * Avoid possible NULL dereference in png_handle_eXIf when
      benign_errors are allowed. Avoid leaking the input buffer
      "eXIf_buf".
    * Eliminated png_ptr->num_exif member from pngstruct.h and added
      num_exif to arguments for png_get_eXIf() and png_set_eXIf().
    * Added calls to png_handle_eXIf(() in pngread.c and
      png_write_eXIf() in pngwrite.c, and made various other fixes
      to png_write_eXIf().
    * Changed name of png_get_eXIF and png_set_eXIf() to
      png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
      breaking API compatibility with libpng-1.6.31.
    * Updated contrib/libtests/pngunknown.c with eXIf chunk.
    * Initialized btoa[] in pngstest.c
    * Stop memory leak when returning from png_handle_eXIf() with an
      error
    * Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
    * Update libpng.3 and libpng-manual.txt about eXIf functions.
    * Restored png_get_eXIf() and png_set_eXIf() to maintain API
      compatability.
    * Removed png_get_eXIf_1() and png_set_eXIf_1().
    * Check length of all chunks except IDAT against user limit to
      fix an OSS-fuzz issue (Fixes CVE-2017-12652)
    * Check length of IDAT against maximum possible IDAT size,
      accounting for height, rowbytes, interlacing and zlib/deflate
      overhead.
    * Restored png_get_eXIf_1() and png_set_eXIf_1(), because
      strlen(eXIf_buf) does not work (the eXIf chunk data can
      contain zeroes).
    * Revised symlink creation, no longer using deprecated cmake
      LOCATION feature
    * Fixed five-byte error in the calculation of IDAT maximum
      possible size.
    * Moved chunk-length check into a png_check_chunk_length()
      private function
    * Moved bad pngs from tests to contrib/libtests/crashers
    * Moved testing of bad pngs into a separate
      tests/pngtest-badpngs script
    * Added the --xfail (expected FAIL) option to pngtest.c. It
      writes XFAIL in the output but PASS for the libpng test.
    * Require cmake-3.0.2 in CMakeLists.txt
    * Fix "const" declaration info_ptr argument to png_get_eXIf_1()
      and the num_exif argument to png_get_eXIf_1()
    * Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
    * Added huge_IDAT.png and empty_ancillary_chunks.png to
      testpngs/crashers.
    * Make pngtest --strict, --relax, --xfail options imply -m
      (multiple).
    * Removed unused chunk_name parameter from png_check_chunk_length().
    * Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
      leak.
    * Initialize profile_header[] in png_handle_iCCP() to fix
      OSS-fuzz issue.
    * Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
      OSS-fuzz UMR.
    * Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
    * Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
      to account for the minimum 'deflate' stream, and relocate the
      test to a point after the keyword has been read.
    * Check that the eXIf chunk has at least 2 bytes and begins with
      "II" or "MM".
    * Added a set of "huge_xxxx_chunk.png" files to
      contrib/testpngs/crashers, one for each known chunk type, with
      length = 2GB-1.
    * Check for 0 return from png_get_rowbytes() and added some
      (size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
      issues (162705, 162706, and 162707).
    * Renamed chunks in contrib/testpngs/crashers to avoid having
      files whose names differ only in case; this causes problems with
      some platforms
    * Added contrib/oss-fuzz directory which contains files used by
      the oss-fuzz project
  - cleanup with spec-cleaner
* Mon Aug 07 2017 [email protected]
  - update to 1.6.31:
    * Guard the definition of _POSIX_SOURCE in pngpriv.h.
    * Revised pngpriv.h to work around failure to compile
      arm/filter_neon.S.
    * Added "Requires: zlib" to libpng.pc.in.
    * Added special case for FreeBSD in arm/filter_neon.S.
    * Changed "int" to "png_size_t" in intel/filter_sse2.c to prevent
      possible integer overflow.
    * Added eXIf chunk support.
  - remove upstreamed
    0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch
* Wed Jul 19 2017 [email protected]
  - Drop png-version-info-only.patch, it has no effect after applying
    0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch
    Both patches achieve the same, prefer the upstream version
* Fri Jul 14 2017 [email protected]
  - Add 0001-libpng16-Revised-pngpriv.h-to-use-PNG_VERSION_INFO_O.patch
    Fix build on ARM
* Mon Jul 10 2017 [email protected]
  - png-version-info-only.patch: fix missing PNG_VERSION_INFO_ONLY check
* Fri Jun 30 2017 [email protected]
  - update to 1.6.30:
    Revised documentation of png_get_error_ptr() in the libpng manual.
    Document need to check for integer overflow when allocating a pixel
      buffer for multiple rows in contrib/gregbook, contrib/pngminus,
      example.c, and in the manual (suggested by Jaeseung Choi). This
      is similar to the bug reported against pngquant in CVE-2016-5735.
    Check for integer overflow in contrib/visupng and contrib/tools/genpng.
    Do not double evaluate CMAKE_SYSTEM_PROCESSOR in CMakeLists.txt.
    Avoid writing an empty IDAT when the last IDAT exactly fills the
      compression buffer (bug report by Brian Baird).  This bug was
      introduced in libpng-1.6.0.
    Add a reference to the libpng.download site in README.
* Thu Mar 16 2017 [email protected]
  - update to 1.6.29:
    Moved SSE2 optimization code into the main libpng source directory.
      Configure libpng with "configure --enable-intel-sse" or compile
      libpng with "-DPNG_INTEL_SSE" in CPPFLAGS to enable it.
    Added code for PowerPC VSX optimisation (Vadim Barkov).
    Avoid potential overflow of shift operations in png_do_expand() (Aaron Boxer).
* Fri Jan 06 2017 [email protected]
  - update to 1.6.28: fix build issues
* Mon Jan 02 2017 [email protected]
  - update to 1.6.27: fixes CVE-2016-10087
* Thu Oct 20 2016 [email protected]
  - update to 1.6.26:
    Fixed handling zero length IDAT in pngfix (bug report by Agostino Sarubbo,
      bugfix by John Bowler).
    Do not issue a png_error() on read in png_set_pCAL() because
      png_handle_pCAL has allocated memory that libpng needs to free.
    Issue a png_benign_error instead of a png_error on ADLER32 mismatch
      while decoding compressed data chunks.
    Changed PNG_ZLIB_VERNUM to ZLIB_VERNUM in pngpriv.h, pngstruct.h, and
      pngrutil.c.
    If CRC handling of critical chunks has been set to PNG_CRC_QUIET_USE,
      ignore the ADLER32 checksum in the IDAT chunk as well as the chunk CRCs.
    Issue png_benign_error() on ADLER32 checksum mismatch instead of
      png_error().
    Updated the documentation about CRC and ADLER32 handling.
    Fixed offsets in contrib/intel/intel_sse.patch
    Changed integer constant 4294967294 to unsigned 4294967294U in pngconf.h
      to avoid a signed/unsigned compare in the preprocessor.
    Use zlib-1.2.8.1 inflateValidate() instead of inflateReset2() to
      optionally avoid ADLER32 evaluation.
* Thu Sep 01 2016 [email protected]
  - update to 1.6.25:
    Reject oversized iCCP profile immediately.
    Conditionally compile png_inflate().
    Don't install pngcp; it conflicts with pngcp in the pngtools package.
    Added MIPS support (Mandar Sahastrabuddhe <
* Thu Aug 04 2016 [email protected]
  - update to 1.6.24:
    Avoid potential overflow of the PNG_IMAGE_SIZE macro.
    Correct filter heuristic overflow handling.
    Use a more efficient absolute value calculation on SSE2.
    Added pngcp.
    etc. see ANNOUNCE
* Wed Aug 03 2016 [email protected]
  - Update to new upstream release 1.6.23
    * Fixes a potential memleak in png_set_tRNS.
    * Fixed the progressive reader to handle empty first IDAT
      chunk properly.
    * Added tests in pngvalid.c to check zero-length IDAT chunks
      in various positions.
    * Fixed the sequential reader to handle these more robustly.
    * Corrected progressive read input buffer in pngvalid.c.
    * Moved sse2 prototype from pngpriv.h to
      contrib/intel/intel_sse.patch.
    * Fixed undefined behavior in png_push_save_buffer().
      Do not call memcpy() with a null source, even if count is zero.
    * Fixed bad link to RFC2083 in png.5.
* Thu May 26 2016 [email protected]
  - update to 1.6.22:
    Added a png_image_write_to_memory() API and a number of assist macros
      to allow an application that uses the simplified API write to bypass
      stdio and write directly to memory.
    Relaxed limit checks on gamma values in pngrtran.c. As suggested in
      the comments gamma values outside the range currently permitted
      by png_set_alpha_mode are useful for HDR data encoding.  These values
      are already permitted by png_set_gamma so it is reasonable caution to
      extend the png_set_alpha_mode range as HDR imaging systems are starting
      to emerge.
    Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that
      were accidentally removed from libpng-1.6.17.
    Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h
      (Robert C. Seacord).
    Added INTEL-SSE2 support (Mike Klein and Matt Sarett, Google, Inc.).
    SSE filter speed improvements for bpp=3:
      memcpy-free implementations of load3() / store3().
    Added PNG_FAST_FILTERS macro (defined as
      PNG_FILTER_NONE|PNG_FILTER_SUB|PNG_FILTER_UP).
* Sun Jan 17 2016 [email protected]
  - Update to new upstream release 1.6.21
    * Widened the 'limit' check on the internally calculated error limits in
    the 'DIGITIZE' case (the code used prior to 1.7 for rgb_to_gray error
    checks) and changed the check to only operate in non-release builds
    (base build type not RC or RELEASE.)
    * Fixed undefined behavior in pngvalid.c, undefined because
    (png_byte) << shift is undefined if it changes the signed bit
    (because png_byte is promoted to int). The libpng exported functions
    png_get_uint_32 and png_get_uint_16 handle this.
* Thu Dec 03 2015 [email protected]
  - update to 1.6.20:
    Avoid potential pointer overflow/underflow in png_handle_sPLT() and
      png_handle_pCAL() (Bug report by John Regehr).
    Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
      not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
      vulnerability.
    Backported tests from libpng-1.7.0beta69.
    Fixed an error in handling of bad zlib CMINFO field in pngfix, found by
      American Fuzzy Lop, reported by Brian Carpenter.  inflate() doesn't
      immediately fault a bad CMINFO field; instead a 'too far back' error
      happens later (at least some times).  pngfix failed to limit CMINFO to
      the allowed values but then assumed that window_bits was in range,
      triggering an assert. The bug is mostly harmless; the PNG file cannot
      be fixed.
    In libpng 1.6 zlib initialization was changed to use the window size
      in the zlib stream, not a fixed value. This causes some invalid images,
      where CINFO is too large, to display 'correctly' if the rest of the
      data is valid.  This provides a workaround for zlib versions where the
      error arises (ones that support the API change to use the window size
      in the stream).
* Fri Nov 13 2015 [email protected]
  - update to 1.6.19:
    Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
    Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
    Fixed the recently reported 1's complement security issue.
    Fixed png_save_int_32 when int is not 2's complement by replacing
      the value that is illegal in the PNG spec, in both signed and
      unsigned values, with 0.
    etc., see ANNOUNCE and CHANGES for details
  - removed: libpng-rgb_to_gray-checks.patch (upstreamed)
* Fri Aug 07 2015 [email protected]
  - drop unknown configure switch
* Wed Apr 01 2015 [email protected]
  - Fixed rgb_to_gray checks and added tRNS checks to pngvalid.c.
    + libpng-rgb_to_gray-checks.patch
* Mon Mar 30 2015 [email protected]
  - updated to 1.6.17:
    Corrected the width limit calculation in png_check_IHDR().
    Removed user limits from pngfix. Also pass NULL pointers to
      png_read_row to skip the unnecessary row de-interlace stuff.
    Implement previously untested cases of libpng transforms in pngvalid.c
    Fixed byte order in 2-byte filler, in png_do_read_filler().
    Made the check for out-of-range values in png_set_tRNS() detect
      values that are exactly 2^bit_depth, and work on 16-bit platforms.
    Merged some parts of libpng-1.6.17beta01 and libpng-1.7.0beta47.
    Added #ifndef __COVERITY__ where needed in png.c, pngrutil.c and
      pngset.c to avoid warnings about dead code.
    Do not build png_product2() when it is unused.
    Display user limits in the output from pngtest.
    Eliminated the PNG_SAFE_LIMITS macro and restored the 1-million-column
      and 1-million-row default limits in pnglibconf.dfa, that can be reset
      by the user at build time or run time.  This provides a more robust
      defense against DOS and as-yet undiscovered overflows.
    Added PNG_WRITE_CUSTOMIZE_COMPRESSION_SUPPORTED macro, on by default.
    Allow user to call png_get_IHDR() with NULL arguments (Reuben Hawkins).
    Moved png_set_filter() prototype into a PNG_WRITE_SUPPORTED block
      of png.h.
    Free the unknown_chunks structure even when it contains no data.
    Fixed simplified 8-bit-linear to sRGB alpha. The calculated alpha
      value was wrong.  It's not clear if this affected the final stored
      value; in the obvious code path the upper and lower 8-bits of the
      alpha value were identical and the alpha was truncated to 8-bits
      rather than dividing by 257 (John Bowler).
* Tue Jan 13 2015 [email protected]
  - build with PNG_SAFE_LIMITS_SUPPORTED [bnc#912076], [bnc#912929]
* Mon Dec 29 2014 [email protected]
  - updated to 1.6.16:
    * Restored a test on width that was removed from png.c at libpng-1.6.9
      (Bug report by Alex Eubanks).
    * Fixed an overflow in png_combine_row with very wide interlaced images.
* Thu Nov 20 2014 [email protected]
  - updated to 1.6.15:
    * Avoid out-of-bounds memory access in png_user_version_check().
    * Fixed incorrect handling of the iTXt compression.
    * Free all allocated memory in pngimage.
    * Fixed array size calculations to avoid warnings.
    etc. see ANNOUNCE

Files

/usr/bin/png-fix-itxt
/usr/bin/pngfix
/usr/lib/rpm/macros.d/macros.libpng-tools


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 19:51:39 2024