[libpng10] Update to 1.0.58

Paul Howarth pghmcfc at fedoraproject.org
Fri Mar 9 19:01:21 UTC 2012 

commit 5834b20c64c71c386a4bdc2adea56511c8682a50
Author: Paul Howarth <paul at city-fan.org>
Date:   Fri Mar 9 18:59:59 2012 +0000

    Update to 1.0.58
    
    - New upstream release 1.0.58
      - Fix bug with png_handle_hIST with odd chunk length
      - Fix incorrect type (int copy should be png_size_t copy) in png_inflate()
        (CVE-2011-3045)
      - Fix off-by-one bug in png_handle_sCAL() when using fixed point arithmetic,
        causing out-of-bounds read in png_set_sCAL() because of failure to copy
        the string terminators
      - Remove the png_free() of unused png_ptr->current_text from pngread.c
      - Remove all of the assembler code from pnggccrd.c and just "return 2;"

 libpng10.spec |   13 ++++++++++++-
 sources       |    2 +-
 2 files changed, 13 insertions(+), 2 deletions(-)
---
diff --git a/libpng10.spec b/libpng10.spec
index 70ee0ad..aaa0f07 100644
--- a/libpng10.spec
+++ b/libpng10.spec
@@ -1,6 +1,6 @@
 Summary:	Old version of libpng, needed to run old binaries
 Name:		libpng10
-Version:	1.0.57
+Version:	1.0.58
 Release:	1%{?dist}
 License:	zlib
 Group:		System Environment/Libraries
@@ -111,6 +111,17 @@ rm -rf %{buildroot}
 %{_libdir}/pkgconfig/libpng10.pc
 
 %changelog
+* Fri Mar  9 2012 Paul Howarth <paul at city-fan.org> 1.0.58-1
+- update to 1.0.58
+  - fix bug with png_handle_hIST with odd chunk length
+  - fix incorrect type (int copy should be png_size_t copy) in png_inflate()
+    (CVE-2011-3045)
+  - fix off-by-one bug in png_handle_sCAL() when using fixed point arithmetic,
+    causing out-of-bounds read in png_set_sCAL() because of failure to copy
+    the string terminators
+  - remove the png_free() of unused png_ptr->current_text from pngread.c
+  - remove all of the assembler code from pnggccrd.c and just "return 2;"
+
 * Sun Feb 19 2012 Paul Howarth <paul at city-fan.org> 1.0.57-1
 - update to 1.0.57 (fixed CVE-2011-3026 buffer overrun bug)
 
diff --git a/sources b/sources
index 24a229c..1f53efc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-4fb5e06493bfcaafc64e01d75aad0d15  libpng-1.0.57.tar.bz2
+286a09403703ffd54b3b17041714ec07  libpng-1.0.58.tar.bz2

More information about the scm-commits mailing list