pkgsrc/graphics/png/distinfo

$NetBSD: distinfo,v 1.95 2012/03/29 13:26:33 wiz Exp $

SHA1 (libpng-1.5.10.tar.bz2) = e0e3de999095b737d134bd5f76d27188d26a41b2
RMD160 (libpng-1.5.10.tar.bz2) = 7b7e0b8f316404df0a88c535c25a27f9e3c1a57a
Size (libpng-1.5.10.tar.bz2) = 875183 bytes
SHA1 (patch-aa) = aaf79ebb8a18448c096c17ae9b02da02bc537db2
Update to 1.5.10 (security fix): Version 1.5.10beta01 [February 24, 2012] Removed two useless #ifdef directives from pngread.c and one from pngrutil.c Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case). Removed empty vstudio/pngstest directory (Clifford Yapp). Eliminated redundant png_push_read_tEXt\|zTXt\|iTXt\|unknown code from pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c; now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. Fixed bug with png_handle_hIST with odd chunk length (Frank Busse). Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined. To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h. Revised the SAFE_LIMITS feature to be the same as the feature in libpng16. Added information about the new limits in the manual. Version 1.5.10beta02 [February 27, 2012] Updated Makefile.in Version 1.5.10beta03 [March 6, 2012] Removed unused "current_text" members of png_struct and the png_free() of png_ptr->current_text from pngread.c Added palette-index checking. Issue a png_warning() if an invalid index is found. Version 1.5.10beta04 [March 10, 2012] Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition. Fixed CMF optimization of non-IDAT compressed chunks, which was added at libpng-1.5.4. It sometimes produced too small of a window. Version 1.5.10beta05 [March 10, 2012] Reject all iCCP chunks after the first, even if the first one is invalid. Issue a png_benign_error() instead of png_warning() about bad palette index. Fixed an off-by-one error in the palette index checking function. Revised example.c to put text strings in a temporary character array instead of directly assigning string constants to png_textp members. This avoids compiler warnings when -Wwrite-strings is enabled. Version 1.5.10 [March 29, 2012] Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice. Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048). 2012-03-29 15:26:33 +02:00			$NetBSD: distinfo,v 1.95 2012/03/29 13:26:33 wiz Exp $
+ move the distfile digest/checksum value from files/md5 to distinfo + move the patch digest/checksum values from files/patch-sum to distinfo 2001-04-17 13:22:34 +02:00
Update to 1.5.10 (security fix): Version 1.5.10beta01 [February 24, 2012] Removed two useless #ifdef directives from pngread.c and one from pngrutil.c Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case). Removed empty vstudio/pngstest directory (Clifford Yapp). Eliminated redundant png_push_read_tEXt\|zTXt\|iTXt\|unknown code from pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c; now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. Fixed bug with png_handle_hIST with odd chunk length (Frank Busse). Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined. To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h. Revised the SAFE_LIMITS feature to be the same as the feature in libpng16. Added information about the new limits in the manual. Version 1.5.10beta02 [February 27, 2012] Updated Makefile.in Version 1.5.10beta03 [March 6, 2012] Removed unused "current_text" members of png_struct and the png_free() of png_ptr->current_text from pngread.c Added palette-index checking. Issue a png_warning() if an invalid index is found. Version 1.5.10beta04 [March 10, 2012] Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition. Fixed CMF optimization of non-IDAT compressed chunks, which was added at libpng-1.5.4. It sometimes produced too small of a window. Version 1.5.10beta05 [March 10, 2012] Reject all iCCP chunks after the first, even if the first one is invalid. Issue a png_benign_error() instead of png_warning() about bad palette index. Fixed an off-by-one error in the palette index checking function. Revised example.c to put text strings in a temporary character array instead of directly assigning string constants to png_textp members. This avoids compiler warnings when -Wwrite-strings is enabled. Version 1.5.10 [March 29, 2012] Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice. Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048). 2012-03-29 15:26:33 +02:00			`SHA1 (libpng-1.5.10.tar.bz2) = e0e3de999095b737d134bd5f76d27188d26a41b2`
			`RMD160 (libpng-1.5.10.tar.bz2) = 7b7e0b8f316404df0a88c535c25a27f9e3c1a57a`
			`Size (libpng-1.5.10.tar.bz2) = 875183 bytes`
Update to 1.5.6, which integrated part of patch-aa (see beta04). Version 1.5.6beta01 [September 22, 2011] Fixed some 64-bit type conversion warnings in pngrtran.c Moved row_info from png_struct to a local variable. The various interlace mask arrays have been made into arrays of bytes and made PNG_CONST and static (previously some arrays were marked PNG_CONST and some weren't). Additional checks have been added to the transform code to validate the pixel depths after the transforms on both read and write. Removed some redundant code from pngwrite.c, in png_destroy_write_struct(). Changed chunk reading/writing code to use png_uint_32 instead of png_byte[4]. This removes the need to allocate temporary strings for chunk names on the stack in the read/write code. Unknown chunk handling still uses the string form because this is exposed in the API. Version 1.5.6beta02 [September 26, 2011] Added a note in the manual the png_read_update_info() must be called only once with a particular info_ptr. Fixed a typo in the definition of the new PNG_STRING_FROM_CHUNK(s,c) macro. Version 1.5.6beta03 [September 28, 2011] Revised test-pngtest.sh to report FAIL when pngtest fails. Added "--strict" option to pngtest, to report FAIL when the failure is only because the resulting valid files are different. Revised CMakeLists.txt to work with mingw and removed some material from CMakeLists.txt that is no longer useful in libpng-1.5. Version 1.5.6beta04 [October 5, 2011] Fixed typo in Makefile.in and Makefile.am ("-M Wl" should be "-M -Wl")." Version 1.5.6beta05 [October 12, 2011] Speed up png_combine_row() for interlaced images. This reduces the generality of the code, allowing it to be optimized for Adam7 interlace. The masks passed to png_combine_row() are now generated internally, avoiding some code duplication and localizing the interlace handling somewhat. Align png_struct::row_buf - previously it was always unaligned, caused by a bug in the code that attempted to align it; the code needs to subtract one from the pointer to take account of the filter byte prepended to each row. Optimized png_combine_row() when rows are aligned. This gains a small percentage for 16-bit and 32-bit pixels in the typical case where the output row buffers are appropriately aligned. The optimization was not previously possible because the png_struct buffer was always misaligned. Fixed bug in png_write_chunk_header() debug print, introduced in 1.5.6beta01. Version 1.5.6beta06 [October 17, 2011] Removed two redundant tests for unitialized row. Fixed a relatively harmless memory overwrite in compressed text writing with a 1 byte zlib buffer. Add ability to call png_read_update_info multiple times to pngvalid.c. Fixes for multiple calls to png_read_update_info. These fixes attend to most of the errors revealed in pngvalid, however doing the gamma work twice results in inaccuracies that can't be easily fixed. There is now a warning in the code if this is going to happen. Turned on multiple png_read_update_info in pngvalid transform tests. Prevent libpng from overwriting unused bits at the end of the image when it is not byte aligned, while reading. Prior to libpng-1.5.6 libpng would overwrite the partial byte at the end of each row if the row width was not an exact multiple of 8 bits and the image is not interlaced. Version 1.5.6beta07 [October 21, 2011] Made png_ptr->prev_row an aligned pointer into png_ptr->big_prev_row (Mans Rullgard). Version 1.5.6rc01 [October 26, 2011] Changed misleading "Missing PLTE before cHRM" warning to "Out of place cHRM" Version 1.5.6rc02 [October 27, 2011] Added LSR() macro to defend against buggy compilers that evaluate non-taken code branches and complain about out-of-range shifts. Version 1.5.6rc03 [October 28, 2011] Renamed the LSR() macro to PNG_LSR() and added PNG_LSL() macro. Fixed compiler warnings with Intel and MSYS compilers. The logical shift fix for Microsoft Visual C is required by other compilers, so this enables that fix for all compilers when using compile-time constants. Under MSYS 'byte' is a name declared in a system header file, so we changed the name of a local variable to avoid the warnings that result. Added #define PNG_ALIGN_TYPE PNG_ALIGN_NONE to contrib/pngminim/*/pngusr.h Version 1.5.6 [November 3, 2011] No changes. 2011-11-07 00:53:46 +01:00			`SHA1 (patch-aa) = aaf79ebb8a18448c096c17ae9b02da02bc537db2`