Package Release Info

pngcheck-3.0.3-bp153.3.3.1

Update Info: openSUSE-2022-10142
Available in Package Hub : 15 SP3 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

pngcheck

Change Logs

* Mon Dec 13 2021 pgajdos@suse.com

- version update to 3.0.3
  * 20210124 GRR: released version 3.0.1
  * ----------------------
  * 20201217 BB:  fixed a crash bug (and probable vulnerability) in large (MNG)
  * LOOP chunks
  * 20210131 GRR: updated Makefile.mingw32 for modern versions and added
  * Makefile.mingw64 (targets Win64); both are essentially
  * UNTESTED, however!
  * 20210131 GRR: released version 3.0.2
  * ----------------------
  * 20210416 BB:  fixed a divide-by-zero crash bug (and probable vulnerability)
  * in interlaced images with extra compressed data beyond the
  * nominal end of the image data (found by "chiba of topsec alpha
  * lab")

Version: 3.0.0-bp154.1.19

* Mon Dec 28 2020 pgajdos@suse.com

- version update to 3.0.0
  * 20070709 GRR: tweaked color definitions slightly to work better on terminals
  * with white/light backgrounds
  * 20070712 GRR: added Makefile.mingw32
  * 20100504 GRR: fixed DHDR (pre-MNG-1.0) bug identified by Winfried <szukw000@arcor.de>
  * 20170713 GRP: added eXIf support (GRR: added check for II/MM/unknown format)
  * 20201012 BB:  converted static const help/usage-related strings to macros so
  * -Werror=format-security doesn't trigger (Ben Beasley)
  * 20201015 BB:  added (help2man-generated) man pages for all three utils
  * 20201017 GRR: added top-level LICENSE file; fixed various compiler warnings
  * 20201031 GRR: replaced gpl/COPYING (outdated address, references to Library
  * GPL) with https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
  * (thanks to Ben Beasley for catching that)
  * 20201113 BB:  fixed buffer-overflow vulnerability discovered by "giantbranch
  * of NSFOCUS Security Team"
  * https://bugzilla.redhat.com/show_bug.cgi?id=1897485
  * 20201128 BB:  found and fixed four additional vulnerabilities (null-pointer
  * dereference and three buffer overruns)
  * 20201209 LP:  fixed an off-by-one bug in check_magic() (Lucy Phipps)
  * 20201209 LL:  converted two zlib-version warnings/errors to go to stderr
  * (Lemures Lemniscati, actually from 20180318; forwarded by LP)
  * 20201210 BB:  fixed another buffer-overflow vulnerability discovered by
  * "giantbranch of NSFOCUS Security Team"
  * https://bugzilla.redhat.com/show_bug.cgi?id=1905775
  * 20201212 GRR: removed -f ("force") option due to multiple security issues
- modified patches
  % fixbuild.diff (refreshed)
- deleted patches
  - pngcheck-CVE-2020-27818.patch (upstreamed)

Version: 2.3.0-bp153.2.14

Version: 2.3.0-bp152.4.3.1

Version: 2.3.0-bp152.3.13

Version: 2.3.0-bp151.4.3.1

* Thu Dec 03 2020 pgajdos@suse.com

- security update
- added patches
  fix CVE-2020-27818 [bsc#1179528], global buffer overflow was discovered in check_chunk_name function via crafted pngfile
  + pngcheck-CVE-2020-27818.patch

Version: 2.3.0-bp151.3.1

Version: 2.3.0-bp151.2.14

Version: 2.3.0-bp150.2.4

* Sun Aug 02 2015 mpluskal@suse.com

- Use url for source
- Cleanup spec file with spec-cleaner

* Fri Aug 09 2013 pgajdos@suse.com

- micro spec file cleanup, created *.changes

* Sun Aug 30 2009 opensuse@dstoecker.de

- created 2.3.0