Package Release Info

optipng-0.7.7-bp150.2.5

Update Info: Base Release
Available in Package Hub : 15

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

optipng

Change Logs

Version: 0.7.7-bp150.2.4
* Fri Jan 12 2018 pgajdos@suse.com
- update to 0.7.7:
  * Upgraded minitiff to version 0.2.
  !! Fixed a buffer overflow vulnerability in the GIF decoder.
    [Reported by Joonun Jang]
  !! Fixed an integer overflow vulnerability in the TIFF decoder.
    [Reported by Jaeseung Choi]
    ! Fixed the build on macOS High Sierra.
    [Reported by various users]
    [Fixed by Yuen Ho Wong and Friedrich Preuss]
    ! Fixed the build on DJGPP.
  * Disallowed out-of-bounds values in rangeset options.
- removed upstream patches:
  - optipng-CVE-2017-1000229.patch
  - optipng-CVE-2017-16938.patch
* Mon Nov 27 2017 pgajdos@suse.com
- security update:
  * CVE-2017-16938 [bsc#1069774]
    + optipng-CVE-2017-16938.patch
* Mon Nov 20 2017 pgajdos@suse.com
- security update:
  * CVE-2017-1000229 [bsc#1068720]
    + optipng-CVE-2017-1000229.patch
* Tue Apr 05 2016 pgajdos@suse.com
- updated to 0.7.6, fixes CVE-2016-2191
* Mon Apr 27 2015 mpluskal@suse.com
- Cleanup spec file with spec-clener
- Update dependencies
- Enable checks
* Mon Mar 31 2014 pgajdos@suse.com
- updated to 0.7.5:
  ! Fixed various build issues with libpng-1.5 and libpng-1.6.
  * Allowed the handling of huge image files  (> millions of pixels
    per row or column) to be independent of the libpng version.
  + Allowed the option -preserve to save the file ownership (UID/GID)
    on Unix.  (Thanks to Otto Kekäläinen for the suggestion.)
- removed libpng16.patch
* Fri Feb 15 2013 pgajdos@suse.com
- build also agains libpng16
  * libpng16.patch
* Tue Nov 20 2012 pgajdos@suse.com
- updated to 0.7.4:
  !! Fixed the previous fix, which failed to fix the option -fix.
  (Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.)
* Mon Sep 24 2012 pgajdos@suse.com
- updated to 0.7.3:
  * fixed 'OptiPNG Palette Reduction Use-After-Free Vulnerability'
    [bnc#780874]
* Tue Aug 07 2012 pgajdos@suse.com
- updated to 0.7.1:
  !! Fixed a regression in the reduction of palette-encoded grayscale
    images.  This regression was introduced in version 0.7.
    (Thanks to Adam Ciarcinski for the fix.)
* Fri Mar 02 2012 pgajdos@suse.com
- updated to 0.7:
  + Added the popularly-requested option -strip.
  + Added the option -backup, as an alias of -keep.
  + Added the option -silent, as an alias of -quiet.
  - Deprecated the option -log.
  * Changed the activity display output from STDOUT to STDERR.
  + Allowed the option -preserve to save high-resolution timestamps
  on Unix, if the POSIX-1.2008 API is available.  This feature was
  previously available on Windows only.
  ! Fixed a minor precision error in the display of file size percents.
  ! Fixed a memory leak that occurred when reading broken GIF images.
  ! Fixed various build issues.
    (Thanks to Sebastian Pipping and Ville Skytta for the fixes.)
  * Resolved all remaining compatibility issues with libpng-1.5.
    (Thanks in part to Adam Ciarcinski for the contribution.)
* Thu Mar 03 2011 pgajdos@suse.cz
- updated to 0.6.5:
  * Fixed processing of PNG files with chunks of size 0.
  * Fixed a display error in the TIFF import.
  * Improved checking of the arguments of -f, -zc, -zm and -zs.
  * Removed quirks from the rangeset option argument syntax.
* Mon Aug 23 2010 pgajdos@suse.cz
- updated to 0.6.4:
  + Added the option -nx.
  * Clarified the behavior of -nz and the relation between
  - nz and -o0.
  + Added a filesystem check (resolving normalized paths,
    symlinks, etc.) to better detect when the output overwrites
    the input.
* Tue Apr 06 2010 pgajdos@suse.cz
- build with libpng 1.4
* Tue May 19 2009 pgajdos@suse.cz
- updated to 0.6.3
  * fixes memory reallocation vulnerability (patch removed)
  * fixes use-after-free vulnerability [bnc#505103]
* Wed Mar 04 2009 meissner@suse.de
- build with RPM_OPT_FLAGS
* Tue Feb 24 2009 pgajdos@suse.cz
- fixed security bug: memory reallocation vulnerability [bnc#479067]
  * reallocation-security.diff
* Tue Jan 13 2009 pgajdos@suse.cz
- update to 0.6.2
  * fixes CVE-2008-5101, patch removed`
* Tue Dec 02 2008 pgajdos@suse.cz
- fixes [bnc#447453] - optipng bmp buffer overflow
  CVE-2008-5101.patch
* Thu Jul 31 2008 pgajdos@suse.cz
- updated to version 0.6.1:
  * Upgraded cexcept to version 2.0.1.
  + Added a configure script, to be used instead of unix-secure.mak.
  ! Fixed a build issue that occured when using libpng from the system.
  ! Fixed processing when image reduction yields an output larger than
  the original.
  ! Fixed behavior of -preserve.
  - Removed displaying of partial progress when abandoning IDATs under
  the -v option.  The percentages displayed were not very accurate.