Package Release Info

libpng12-1.2.59-bp160.1.12

Update Info: Base Release
Available in Package Hub : 16.0

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libpng12-0

libpng12-0-32bit

libpng12-compat-devel

libpng12-compat-devel-32bit

libpng12-devel

libpng12-devel-32bit

Change Logs

* Fri Mar 01 2024 pgajdos@suse.com

- Use %autosetup macro. Allows to eliminate the usage of deprecated
  %patchN

* Wed May 04 2022 Marcus Meissner <meissner@suse.com>

- switched to https url

* Wed Jul 17 2019 pgajdos@suse.com

- version update to 1.2.59
  Added png_check_chunk_length() function, and check all chunks except
    IDAT against the default 8MB limit; check IDAT against the maximum
    size computed from IHDR parameters (Fixes CVE-2017-12652).
  Initialize memory allocated by png_inflate to zero, using memset, to
    stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2()
    due to truncated iTXt or zTXt chunk.

* Wed Jan 31 2018 pgajdos@suse.com

- check with -j1, be explicit

* Tue Jan 30 2018 jengelh@inai.de

- Fix SRPM group and grammar issues.

* Mon Jan 02 2017 pgajdos@suse.com

- updated to 1.2.57: fixes CVE-2016-10087

* Thu Dec 17 2015 pgajdos@suse.com

- updated to 1.2.56:
  Fixed an out-of-range read in png_check_keyword() (Bug report from
    Qixue Xiao, CVE-2015-8540).
  Added keyword checks to pngset.c

* Thu Dec 03 2015 pgajdos@suse.com

- updated to 1.2.55:
  Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(),
    png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr).
  Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
    not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
    vulnerability.

* Fri Nov 13 2015 pgajdos@suse.com

- updated to 1.2.54

* Fri Aug 07 2015 pgajdos@suse.com

- build in build section