* Fri Jan 12 2018 email@example.com
- update to 0.7.7:
* Upgraded minitiff to version 0.2.
!! Fixed a buffer overflow vulnerability in the GIF decoder.
[Reported by Joonun Jang]
!! Fixed an integer overflow vulnerability in the TIFF decoder.
[Reported by Jaeseung Choi]
! Fixed the build on macOS High Sierra.
[Reported by various users]
[Fixed by Yuen Ho Wong and Friedrich Preuss]
! Fixed the build on DJGPP.
* Disallowed out-of-bounds values in rangeset options.
- removed upstream patches:
* Mon Nov 27 2017 firstname.lastname@example.org
- security update:
* CVE-2017-16938 [bsc#1069774]
* Mon Nov 20 2017 email@example.com
- security update:
* CVE-2017-1000229 [bsc#1068720]
* Tue Apr 05 2016 firstname.lastname@example.org
- updated to 0.7.6, fixes CVE-2016-2191
* Mon Apr 27 2015 email@example.com
- Cleanup spec file with spec-clener
- Update dependencies
- Enable checks
* Mon Mar 31 2014 firstname.lastname@example.org
- updated to 0.7.5:
! Fixed various build issues with libpng-1.5 and libpng-1.6.
* Allowed the handling of huge image files (> millions of pixels
per row or column) to be independent of the libpng version.
+ Allowed the option -preserve to save the file ownership (UID/GID)
on Unix. (Thanks to Otto Kekäläinen for the suggestion.)
- removed libpng16.patch
* Fri Feb 15 2013 email@example.com
- build also agains libpng16
* Tue Nov 20 2012 firstname.lastname@example.org
- updated to 0.7.4:
!! Fixed the previous fix, which failed to fix the option -fix.
(Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.)
* Mon Sep 24 2012 email@example.com
- updated to 0.7.3:
* fixed 'OptiPNG Palette Reduction Use-After-Free Vulnerability'
* Tue Aug 07 2012 firstname.lastname@example.org
- updated to 0.7.1:
!! Fixed a regression in the reduction of palette-encoded grayscale
images. This regression was introduced in version 0.7.
(Thanks to Adam Ciarcinski for the fix.)
* Fri Mar 02 2012 email@example.com
- updated to 0.7:
+ Added the popularly-requested option -strip.
+ Added the option -backup, as an alias of -keep.
+ Added the option -silent, as an alias of -quiet.
- Deprecated the option -log.
* Changed the activity display output from STDOUT to STDERR.
+ Allowed the option -preserve to save high-resolution timestamps
on Unix, if the POSIX-1.2008 API is available. This feature was
previously available on Windows only.
! Fixed a minor precision error in the display of file size percents.
! Fixed a memory leak that occurred when reading broken GIF images.
! Fixed various build issues.
(Thanks to Sebastian Pipping and Ville Skytta for the fixes.)
* Resolved all remaining compatibility issues with libpng-1.5.
(Thanks in part to Adam Ciarcinski for the contribution.)
* Thu Mar 03 2011 firstname.lastname@example.org
- updated to 0.6.5:
* Fixed processing of PNG files with chunks of size 0.
* Fixed a display error in the TIFF import.
* Improved checking of the arguments of -f, -zc, -zm and -zs.
* Removed quirks from the rangeset option argument syntax.
* Mon Aug 23 2010 email@example.com
- updated to 0.6.4:
+ Added the option -nx.
* Clarified the behavior of -nz and the relation between
- nz and -o0.
+ Added a filesystem check (resolving normalized paths,
symlinks, etc.) to better detect when the output overwrites
* Tue Apr 06 2010 firstname.lastname@example.org
- build with libpng 1.4
* Tue May 19 2009 email@example.com
- updated to 0.6.3
* fixes memory reallocation vulnerability (patch removed)
* fixes use-after-free vulnerability [bnc#505103]
* Wed Mar 04 2009 firstname.lastname@example.org
- build with RPM_OPT_FLAGS
* Tue Feb 24 2009 email@example.com
- fixed security bug: memory reallocation vulnerability [bnc#479067]
* Tue Jan 13 2009 firstname.lastname@example.org
- update to 0.6.2
* fixes CVE-2008-5101, patch removed`
* Tue Dec 02 2008 email@example.com
- fixes [bnc#447453] - optipng bmp buffer overflow
* Thu Jul 31 2008 firstname.lastname@example.org
- updated to version 0.6.1:
* Upgraded cexcept to version 2.0.1.
+ Added a configure script, to be used instead of unix-secure.mak.
! Fixed a build issue that occured when using libpng from the system.
! Fixed processing when image reduction yields an output larger than
! Fixed behavior of -preserve.
- Removed displaying of partial progress when abandoning IDATs under
the -v option. The percentages displayed were not very accurate.