#17337 closed enhancement (fixed)
libpng-1.6.39
| Reported by: | Bruce Dubbs | Owned by: | Bruce Dubbs |
|---|---|---|---|
| Priority: | elevated | Milestone: | 11.3 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (7)
comment:1 by , 17 months ago
comment:2 by , 17 months ago
| Priority: | normal → elevated |
|---|
comment:3 by , 17 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:4 by , 17 months ago
Changes from version 1.6.38 to version 1.6.39
- Changed the error handler of oversized chunks (i.e. larger than PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error.
- Fixed a buffer overflow error in contrib/tools/pngfix.
- Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp.
- Disabled the ARM Neon optimizations by default in the CMake file, following the default behavior of the configure script.
- Allowed configure.ac to work with the trunk version of autoconf.
- Removed the support for "install" targets from the legacy makefiles; removed the obsolete makefile.cegcc.
- Cleaned up the code and updated the internal documentation.
comment:5 by , 17 months ago
Note that contrib/tools/pngcp is built, but not installed with BLFS instructions.
comment:6 by , 17 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at commits
0a807b6a0a Update to graphviz-7.0.2. 3cef615aef Update to mercurial-6.3.1. 296cbe28d1 Update to qpdf-11.2.0. 916bc1d14b Update to SDL2-2.26.0. 063c012b03 Update to libpng-1.6.39. 8ce663780e Update to newt-0.52.22.
comment:7 by , 17 months ago
No security advisory for this one since the command in question is not installed.
Note:
See TracTickets
for help on using tickets.
apng patch for libpng-1.6.38 still applies for 1.6.39.