Opened 8 years ago
Closed 8 years ago
#9682 closed enhancement (fixed)
libpng-1.6.32
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | 8.2 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (4)
comment:1 by , 8 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 8 years ago
There seems to be two different libpng-1.6.32-apng.patch.gz files on sourceforge:
https://downloads.sourceforge.net/sourceforge/libpng-apng/libpng-1.6.32-apng.patch.gz -rw-rw-r-- 1 bdubbs bdubbs 10790 Aug 26 08:11 libpng-1.6.32-apng.patch.gz 1760dbaa13c2569fdda6d83f6483701e libpng-1.6.32-apng.patch.gz https://downloads.sourceforge.net/apng/libpng-1.6.32-apng.patch.gz -rw-rw-r-- 1 bdubbs bdubbs 10382 Aug 24 16:04 libpng-1.6.32-apng.patch.gz 86b44700cfcf5000b99bfff7d28f4345 libpng-1.6.32-apng.patch.gz
The first one works. The second one causes the checks to fail.
Note:
See TracTickets
for help on using tickets.
Changes:
Version 1.6.32beta01 [July 31, 2017] - Avoid possible NULL dereference in png_handle_eXIf when benign_errors are allowed. Avoid leaking the input buffer "eXIf_buf". - Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif to arguments for png_get_eXIf() and png_set_eXIf(). - Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in pngwrite.c, and made various other fixes to png_write_eXIf(). - Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid breaking API compatibility with libpng-1.6.31. Version 1.6.32beta02 [August 1, 2017] - Updated contrib/libtests/pngunknown.c with eXIf chunk. Version 1.6.32beta03 [August 2, 2017] - Initialized btoa[] in pngstest.c - Stop memory leak when returning from png_handle_eXIf() with an error (Bug report from the OSS-fuzz project). Version 1.6.32beta04 [August 2, 2017] - Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf(). - Update libpng.3 and libpng-manual.txt about eXIf functions. Version 1.6.32beta05 [August 2, 2017] - Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability. Version 1.6.32beta06 [August 2, 2017] - Removed png_get_eXIf_1() and png_set_eXIf_1(). Version 1.6.32beta07 [August 3, 2017] - Check length of all chunks except IDAT against user limit to fix an OSS-fuzz issue. Version 1.6.32beta08 [August 3, 2017] - Check length of IDAT against maximum possible IDAT size, accounting for height, rowbytes, interlacing and zlib/deflate overhead. - Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf) does not work (the eXIf chunk data can contain zeroes). Version 1.6.32beta09 [August 3, 2017] - Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation, no longer using deprecated cmake LOCATION feature (Clifford Yapp). - Fixed five-byte error in the calculation of IDAT maximum possible size. Version 1.6.32beta10 [August 5, 2017] - Moved chunk-length check into a png_check_chunk_length() private function (Suggested by Max Stepin). - Moved bad pngs from tests to contrib/libtests/crashers - Moved testing of bad pngs into a separate tests/pngtest-badpngs script - Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL in the output but PASS for the libpng test. - Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp). - Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the num_exif argument to png_get_eXIf_1() (Github Issue 171). Version 1.6.32beta11 [August 7, 2017] - Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks(). - Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers. - Make pngtest --strict, --relax, --xfail options imply -m (multiple). - Removed unused chunk_name parameter from png_check_chunk_length(). - Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak. - Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue. - Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR. - Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue. - Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account for the minimum 'deflate' stream, and relocate the test to a point after the keyword has been read. - Check that the eXIf chunk has at least 2 bytes and begins with "II" or "MM". Version 1.6.32rc01 [August 18, 2017] - Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers, one for each known chunk type, with length = 2GB-1. - Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706, and 162707). - Renamed chunks in contrib/testpngs/crashers to avoid having files whose names differ only in case; this causes problems with some platforms (github issue #172). Version 1.6.32rc02 [August 22, 2017] - Added contrib/oss-fuzz directory which contains files used by the oss-fuzz project (https://github.com/google/oss-fuzz/tree/master/projects/libpng). Version 1.6.32 [August 24, 2017] - No changes.