[libpng10] Update to 1.0.58
Paul Howarth
pghmcfc at fedoraproject.org
Fri Mar 9 19:01:21 UTC 2012
commit 5834b20c64c71c386a4bdc2adea56511c8682a50
Author: Paul Howarth <paul at city-fan.org>
Date: Fri Mar 9 18:59:59 2012 +0000
Update to 1.0.58
- New upstream release 1.0.58
- Fix bug with png_handle_hIST with odd chunk length
- Fix incorrect type (int copy should be png_size_t copy) in png_inflate()
(CVE-2011-3045)
- Fix off-by-one bug in png_handle_sCAL() when using fixed point arithmetic,
causing out-of-bounds read in png_set_sCAL() because of failure to copy
the string terminators
- Remove the png_free() of unused png_ptr->current_text from pngread.c
- Remove all of the assembler code from pnggccrd.c and just "return 2;"
libpng10.spec | 13 ++++++++++++-
sources | 2 +-
2 files changed, 13 insertions(+), 2 deletions(-)
---
diff --git a/libpng10.spec b/libpng10.spec
index 70ee0ad..aaa0f07 100644
--- a/libpng10.spec
+++ b/libpng10.spec
@@ -1,6 +1,6 @@
Summary: Old version of libpng, needed to run old binaries
Name: libpng10
-Version: 1.0.57
+Version: 1.0.58
Release: 1%{?dist}
License: zlib
Group: System Environment/Libraries
@@ -111,6 +111,17 @@ rm -rf %{buildroot}
%{_libdir}/pkgconfig/libpng10.pc
%changelog
+* Fri Mar 9 2012 Paul Howarth <paul at city-fan.org> 1.0.58-1
+- update to 1.0.58
+ - fix bug with png_handle_hIST with odd chunk length
+ - fix incorrect type (int copy should be png_size_t copy) in png_inflate()
+ (CVE-2011-3045)
+ - fix off-by-one bug in png_handle_sCAL() when using fixed point arithmetic,
+ causing out-of-bounds read in png_set_sCAL() because of failure to copy
+ the string terminators
+ - remove the png_free() of unused png_ptr->current_text from pngread.c
+ - remove all of the assembler code from pnggccrd.c and just "return 2;"
+
* Sun Feb 19 2012 Paul Howarth <paul at city-fan.org> 1.0.57-1
- update to 1.0.57 (fixed CVE-2011-3026 buffer overrun bug)
diff --git a/sources b/sources
index 24a229c..1f53efc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-4fb5e06493bfcaafc64e01d75aad0d15 libpng-1.0.57.tar.bz2
+286a09403703ffd54b3b17041714ec07 libpng-1.0.58.tar.bz2
More information about the scm-commits
mailing list