[mingw-libpng: 15/25] Update to 1.4.8 (CVE-2011-2690, CVE-2011-2692)

Kalev Lember kalev at fedoraproject.org
Tue Mar 6 19:40:38 UTC 2012 

commit af26964030b1e706413e09b98c61e467abf14c3c
Author: Kalev Lember <kalevlember at gmail.com>
Date:   Fri Jul 22 13:01:56 2011 +0300

    Update to 1.4.8 (CVE-2011-2690, CVE-2011-2692)

 .gitignore                 |    1 +
 libpng-CVE-2011-2501.patch |   49 --------------------------------------------
 mingw32-libpng.spec        |   20 ++++++-----------
 sources                    |    2 +-
 4 files changed, 9 insertions(+), 63 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 0a4a22c..c807b4b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 libpng-1.4.3.tar.bz2
+/libpng-1.4.8.tar.xz
diff --git a/mingw32-libpng.spec b/mingw32-libpng.spec
index 5d944e6..4b8b12e 100644
--- a/mingw32-libpng.spec
+++ b/mingw32-libpng.spec
@@ -5,23 +5,15 @@
 %global __find_provides %{_mingw32_findprovides}
 
 Name:           mingw32-libpng
-Version:        1.4.3
-Release:        3%{?dist}
+Version:        1.4.8
+Release:        1%{?dist}
 Summary:        MinGW Windows Libpng library
 
 License:        zlib
 URL:            http://www.libpng.org/pub/png/
-Source0:        ftp://ftp.simplesystems.org/pub/png/src/libpng-%{version}.tar.bz2
+Source0:        ftp://ftp.simplesystems.org/pub/png/src/libpng-%{version}.tar.xz
 Patch2:         mingw32-libpng-fix-invalid-exports.patch
 
-# https://bugzilla.redhat.com/show_bug.cgi?id=717510
-# https://bugzilla.redhat.com/show_bug.cgi?id=717511
-# CVE-2011-2501
-#
-# *** NOTE *** When updating the package, please ensure the
-# new version either contains this fix, or this patch is retained.
-Patch3:         libpng-CVE-2011-2501.patch
-
 Group:          Development/Libraries
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -49,8 +41,6 @@ MinGW Windows Libpng library.
 # issue more to find out the real cause, but this will do for now
 %patch2 -p0
 
-%patch3 -p1
-
 
 %build
 %{_mingw32_configure}
@@ -82,6 +72,7 @@ rm -rf $RPM_BUILD_ROOT
 %{_mingw32_includedir}/libpng14
 %{_mingw32_includedir}/png.h
 %{_mingw32_includedir}/pngconf.h
+%{_mingw32_libdir}/libpng.dll.a
 %{_mingw32_libdir}/libpng.la
 %{_mingw32_libdir}/libpng14.a
 %{_mingw32_libdir}/libpng14.dll.a
@@ -91,6 +82,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Fri Jul 22 2011 Kalev Lember <kalevlember at gmail.com> - 1.4.8-1
+- Update to 1.4.8 (CVE-2011-2690, CVE-2011-2692)
+
 * Wed Jun 29 2011 Richard W.M. Jones <rjones at redhat.com> - 1.4.3-3
 - Include fix for CVE-2011-2501 (RHBZ#717510, RHBZ#717511).
 
diff --git a/sources b/sources
index 386932d..046b6f5 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-9347eeda4241401f7da4dc9ba7f6a416  libpng-1.4.3.tar.bz2
+2ce595d571f2b06a9403ed5bcfa4ecbd  libpng-1.4.8.tar.xz

More information about the mingw mailing list