Commit graph

227 commits

Author SHA1 Message Date
wiz
24d26b9f86 Update to 1.6.9, getting rid of the final two patches after discussion
with very helpful upstream.

Changes:

Version 1.6.9beta01 [December 26, 2013]
  Bookkeeping: Moved functions around (no changes). Moved transform
    function definitions before the place where they are called so that
    they can be masde static. Move the intrapixel functions and the
    grayscale palette builder out of the png?tran.c files. The latter
    isn't a transform function and is no longer used internally, and the
    former MNG specific functions are better placed in pngread/pngwrite.c
  Made transform implementation functions static. This makes the internal
    functions called by png_do_{read|write}_transformations static. On an
    x86-64 DLL build (Gentoo Linux) this reduces the size of the text
    segment of the DLL by 1208 bytes, about 0.6%. It also simplifies
    maintenance by removing the declarations from pngpriv.h and allowing
    easier changes to the internal interfaces.
  Rebuilt configure scripts with automake-1.14.1 and autoconf-2.69
    in the tar distributions.

Version 1.6.9beta02 [January 1, 2014]
  Added checks for libpng 1.5 to pngvalid.c.  This supports the use of
    this version of pngvalid in libpng 1.5
  Merged with pngvalid.c from libpng-1.7 changes to create a single
    pngvalid.c
  Removed #error macro from contrib/tools/pngfix.c (Thomas Klausner).
  Merged pngrio.c, pngtrans.c, pngwio.c, and pngerror.c with libpng-1.7.0
  Merged libpng-1.7.0 changes to make no-interlace configurations work
    with test programs.
  Revised pngvalid.c to support libpng 1.5, which does not support the
    PNG_MAXIMUM_INFLATE_WINDOW option, so #define it out when appropriate in
    pngvalid.c
  Allow unversioned links created on install to be disabled in configure.
    In configure builds 'make install' changes/adds links like png.h
    and libpng.a to point to the newly installed, versioned, files (e.g.
    libpng17/png.h and libpng17.a). Three new configure options and some
    rearrangement of Makefile.am allow creation of these links to be disabled.

Version 1.6.9beta03 [January 10, 2014]
  Removed potentially misleading warning from png_check_IHDR().

Version 1.6.9beta04 [January 20, 2014]
  Updated scripts/makefile.* to use CPPFLAGS (Cosmin).
  Added clang attribute support (Cosmin).

Version 1.6.9rc01 [January 28, 2014]
  No changes.

Version 1.6.9rc02 [January 30, 2014]
  Quiet an uninitialized memory warning from VC2013 in png_get_png().

Version 1.6.9 [February 6, 2014]
2014-02-06 18:24:11 +00:00
wiz
a64f837fc0 Update to 1.6.8:
Version 1.6.8beta01 [November 24, 2013]
  Moved prototype for png_handle_unknown() in pngpriv.h outside of
    the #ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED/#endif block.
  Added "-Wall" to CFLAGS in contrib/pngminim/*/makefile
  Conditionally compile some unused functions reported by -Wall in
    pngminim.
  Fixed 'minimal' builds. Various obviously useful minimal configurations
    don't build because of missing contrib/libtests test programs and
    overly complex dependencies in scripts/pnglibconf.dfa. This change
    adds contrib/conftest/*.dfa files that can be used in automatic build
    scripts to ensure that these configurations continue to build.
  Enabled WRITE_INVERT and WRITE_PACK in contrib/pngminim/encoder.
  Fixed pngvalid 'fail' function declaration on the Intel C Compiler.
    This reverts to the previous 'static' implementation and works round
    the 'unused static function' warning by using PNG_UNUSED().

Version 1.6.8beta02 [November 30, 2013]
  Removed or marked PNG_UNUSED some harmless "dead assignments" reported
    by clang scan-build.
  Changed tabs to 3 spaces in png_debug macros and changed '"%s"m'
    to '"%s" m' to improve portability among compilers.
  Changed png_free_default() to free() in pngtest.c

Version 1.6.8rc01 [December 12, 2013]
  Tidied up pngfix inits and fixed pngtest no-write builds.

Version 1.6.8rc02 [December 14, 2013]
  Handle zero-length PLTE chunk or NULL palette with png_error()
    instead of png_chunk_report(), which by default issues a warning
    rather than an error, leading to later reading from a NULL pointer
    (png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
    and VU#650142.

Version 1.6.8 [December 19, 2013]
2013-12-31 17:27:48 +00:00
tron
556df919f8 Fix build with SunStudio compiler under Solaris. 2013-12-26 15:59:20 +00:00
tron
0cf9e8de00 Fix download URL on "ftp.fu-berlin.de". 2013-11-15 07:42:08 +00:00
wiz
0b4e792c1d Update to 1.6.7:
Version 1.6.7beta01 [September 30, 2013]
  Revised unknown chunk code to correct several bugs in the NO_SAVE_/NO_WRITE
    combination
  Allow HANDLE_AS_UNKNOWN to work when other options are configured off. Also
    fixed the pngminim makefiles to work when $(MAKEFLAGS) contains stuff
    which terminates the make options (as by default in recent versions of
    Gentoo).
  Avoid up-cast warnings in pngvalid.c. On ARM the alignment requirements of
    png_modifier are greater than that of png_store and as a consequence
    compilation of pngvalid.c results in a warning about increased alignment
    requirements because of the bare cast to (png_modifier*). The code is safe,
    because the pointer is known to point to a stack allocated png_modifier,
    but this change avoids the warning.
  Fixed default behavior of ARM_NEON_API. If the ARM NEON API option was
    compiled without the CHECK option it defaulted to on, not off.
  Check user callback behavior in pngunknown.c. Previous versions compiled
    if SAVE_UNKNOWN was not available but did nothing since the callback
    was never implemented.
  Merged pngunknown.c with 1.7 version and back ported 1.7 improvements/fixes

Version 1.6.7beta02 [October 12, 2013]
  Made changes for compatibility with automake 1.14:
    1) Added the 'compile' program to the list of programs that must be cleaned
       in autogen.sh
    2) Added 'subdir-objects' which causes .c files in sub-directories to be
       compiled such that the corresponding .o files are also in the
       sub-directory.  This is because automake 1.14 warns that the
       current behavior of compiling to the top level directory may be removed
       in the future.
    3) Updated dependencies on pnglibconf.h to match the new .o locations and
       added all the files in contrib/libtests and contrib/tools that depend
       on pnglibconf.h
    4) Added 'BUILD_SOURCES = pnglibconf.h'; this is the automake recommended
       way of handling the dependencies of sources that are machine generated;
       unfortunately it only works if the user does 'make all' or 'make check',
       so the dependencies (3) are still required.
  Cleaned up (char*) casts of zlib messages. The latest version of the Intel C
    compiler complains about casting a string literal as (char*), so copied the
    treatment of z_const from the library code into pngfix.c
  Simplified error message code in pngunknown. The simplification has the
    useful side effect of avoiding a bogus warning generated by the latest
    version of the Intel C compiler (it objects to
    condition ? string-literal : string-literal).
  Make autogen.sh work with automake 1.13 as well as 1.14. Do this by always
    removing the 1.14 'compile' script but never checking for it.

Version 1.6.7beta03 [October 19, 2013]
  Added ARMv8 support (James Yu <james.yu at linaro.org>).  Added file
    arm/filter_neon_intrinsics.c; enable with -mfpu=neon.
  Revised pngvalid to generate size images with as many filters as it can
    manage, limited by the number of rows.
  Cleaned up ARM NEON compilation handling. The tests are now in pngpriv.h
    and detect the broken GCC compilers.

Version 1.6.7beta04 [October 26, 2013]
  Allow clang derived from older GCC versions to use ARM intrinsics. This
    causes all clang builds that use -mfpu=neon to use the intrinsics code,
    not the assembler code.  This has only been tested on iOS 7. It may be
    necessary to exclude some earlier clang versions but this seems unlikely.
  Changed NEON implementation selection mechanism. This allows assembler
    or intrinsics to be turned on at compile time during the build by defining
    PNG_ARM_NEON_IMPLEMENTATION to the correct value (2 or 1).  This macro
    is undefined by default and the build type is selected in pngpriv.h.

Version 1.6.7rc01 [November 2, 2013]
  No changes.

Version 1.6.7rc02 [November 7, 2013]
  Fixed #include in filter_neon_intrinsics.c and ctype macros. The ctype char
    checking macros take an unsigned char argument, not a signed char.

Version 1.6.7 [November 14, 2013]
2013-11-14 23:09:45 +00:00
wiz
bcf94f1f6b Update to 1.6.6:
Version 1.6.6 [September 16, 2013]
  Removed two stray lines of code from arm/arm_init.c, again.
2013-09-30 18:17:03 +00:00
wiz
661ca80926 Update to 1.6.5:
libpng-1.6.5 has been released, to remove two stray lines in arm/arm_init.c
that caused libpng to fail to compile when ARM support is enabled.  This
problem was apparently due to a cut-and-paste error of some sort on my part.
2013-09-14 16:45:48 +00:00
wiz
14676caa15 Update to 1.6.4:
Changes since the last public release (1.6.3):
  Added information about png_set_options() to the manual.
  Delay calling png_init_filter_functions() until a row with nonzero filter
    is found.
  Fixed inconsistent conditional compilation of png_chunk_unknown_handling()
    prototype, definition, and usage.  Made it depend on
    PNG_HANDLE_AS_UNKNOWN_SUPPORTED everywhere.
2013-09-12 13:00:53 +00:00
wiz
e5cd6c8822 PLIST update for png-1.6.3. 2013-07-18 06:27:34 +00:00
wiz
6162b3ee5e Update to 1.6.3:
Changes since the last public release (1.6.2):

  Revised stack marking in arm/filter_neon.S and configure.ac.
  Ensure that NEON filter stuff is completely disabled when switched 'off'.
    Previously the ARM NEON specific files were still built if the option
    was switched 'off' as opposed to being explicitly disabled.
  Test for 'arm*' not just 'arm' in the host_cpu configure variable.
  Rebuilt the configure scripts.
  Expanded manual paragraph about writing private chunks, particularly
    the need to call png_set_keep_unknown_chunks() when writing them.
  Avoid dereferencing NULL pointer possibly returned from
     png_create_write_struct() (Andrew Church).
  Calculate our own zlib windowBits when decoding rather than trusting the
    CMF bytes in the PNG datastream.
  Added an option to force maximum window size for inflating, which was
    the behavior of libpng15 and earlier.
  Added png-fix-itxt and png-fix-too-far-back to the built programs and
    removed warnings from the source code and timepng that are revealed as
    a result.
  Detect wrong libpng versions linked to png-fix-too-far-back, which currently
    only works with libpng versions that can be made to reliably fail when
    the deflate data contains an out-of-window reference.  This means only
    1.6 and later.
  Fixed gnu issues: g++ needs a static_cast, gcc 4.4.7 has a broken warning
    message which it is easier to work round than ignore.
  Updated contrib/pngminus/pnm2png.c (Paul Stewart):
    Check for EOF
    Ignore "#" delimited comments in input file to pnm2png.c.
    Fixed whitespace handling
    Added a call to png_set_packing()
    Initialize dimension values so if sscanf fails at least we have known
      invalid values.
  Attempt to detect configuration issues with png-fix-too-far-back, which
    requires both the correct libpng and the correct zlib to function
    correctly.
  Check ZLIB_VERNUM for mismatches, enclose #error in quotes
  Added information in the documentation about problems with and fixes for
    the bad CRC and bad iTXt chunk situations.
  Allow contrib/pngminus/pnm2png.c to compile without WRITE_INVERT and
    WRITE_PACK supported (writes error message that it can't read P1 or
  Improved png-fix-too-far-back usage message, added --suffix option.
  Revised contrib/pngminim/*/makefile to generate pnglibconf.h with the
    right zlib header files.
  Separated CPPFLAGS and CFLAGS in contrib/pngminim/*/makefile
  Removed a redundant test in png_set_IHDR().
  Added set(CMAKE_CONFIGURATION_TYPES ...) to CMakeLists.txt (Andrew Hundt)
  Deleted set(CMAKE_BUILD_TYPE) block from CMakeLists.txt
  Enclose the prototypes for the simplified write API in
    #ifdef PNG_STDIO_SUPPORTED/#endif
  Make ARM NEON support work at compile time (not just configure time).
    This moves the test on __ARM_NEON__ into pngconf.h to avoid issues when
    using a compiler that compiles for multiple architectures at one time.
  Removed PNG_FILTER_OPTIMIZATIONS and PNG_ARM_NEON_SUPPORTED from
    pnglibconf.h, allowing more of the decisions to be made internally
    (pngpriv.h) during the compile.  Without this, symbol prefixing is broken
    under certain circumstances on ARM platforms.  Now only the API parts of
    the optimizations ('check' vs 'api') are exposed in the public header files
    except that the new setting PNG_ARM_NEON_OPT documents how libpng makes the
    decision about whether or not to use the optimizations.
  Protect symbol prefixing against CC/CPPFLAGS/CFLAGS useage.
    Previous iOS/Xcode fixes for the ARM NEON optimizations moved the test
    on __ARM_NEON__ from configure time to compile time.  This breaks symbol
    prefixing because the definition of the special png_init_filter_functions
    call was hidden at configure time if the relevant compiler arguments are
    passed in CFLAGS as opposed to CC.  This change attempts to avoid all
    the confusion that would result by declaring the init function even when
    it is not used, so that it will always get prefixed.
  Revised libpng.3 so that "doclifter" can process it.
  Revised example.c to illustrate use of PNG_DEFAULT_sRGB and
PNG_GAMMA_MAC_18
    as parameters for png_set_gamma().  These have been available since
    libpng-1.5.4.
  Renamed contrib/tools/png-fix-too-far-back.c to pngfix.c and revised it
    to check all compressed chunks known to libpng.
  Updated documentation to show default behavior of benign errors correctly.
  Only compile ARM code when PNG_READ_SUPPORTED is defined.
  Fixed undefined behavior in contrib/tools/pngfix.c and added new strip
    option. pngfix relied on undefined behavior and even a simple change from
    gcc to g++ caused it to fail.  The new strip option 'unsafe' has been
    implemented and is the default if --max is given.  Option names have
    been clarified, with --strip=transform now stripping the bKGD chunk,
    which was stripped previously with --strip=unused.
  Added all documented chunk types to pngpriv.h
  Unified pngfix.c source with libpng17.
  Revised manual about changes in iTXt chunk handling made in libpng-1.6.0.
  Added "/* SAFE */" comments in pngrutil.c and pngrtran.c where warnings
    may be erroneously issued by code-checking applications.
2013-07-18 06:26:51 +00:00
tsutsui
b074ccf342 Add workaround for PR/47798 (png gets SEGV on NetBSD/arm 6.1 due to gcc bug).
- specify "-O2 -fno-ipa-sra" for NetBSD/arm and gcc-4.5.* in hacks.mk
 - also bump PKGREVISION for explicit rebuild

"Please commit that" from wiz@.
2013-06-23 05:20:33 +00:00
wiz
9bc5e5ec4f Update to 1.6.2:
Version 1.6.2rc01 [April 18, 2013]
  Added contrib/tools/fixitxt.c, to repair the erroneous iTXt chunk length
    written by libpng-1.6.0 and 1.6.1.
  Disallow storing sRGB information when the sRGB is not supported.

Version 1.6.2rc02 [April 18, 2013]
  Merge pngtest.c with libpng-1.7.0

Version 1.6.2rc03 [April 22, 2013]
  Trivial spelling cleanup.

Version 1.6.2rc04 and 1.6.2rc05 [omitted]

Version 1.6.2rc06 [April 24, 2013]
  Reverted to version 1.6.2rc03.  Recent changes to arm/neon support
    have been ported to libpng-1.7.0beta09 and will reappear in version
    1.6.3beta01.
2013-04-25 22:01:14 +00:00
prlw1
2ec428dffe Update png to 1.6.2beta01
Version 1.6.2beta01 [April 14, 2013]
  Updated documentation of 1.5.x to 1.6.x changes in iCCP chunk handling.
  Fixed incorrect warning of excess deflate data. End condition - the
    warning would be produced if the end of the deflate stream wasn't read
    in the last row.  The warning is harmless.
  Corrected the test on user transform changes on read. It was in the
    png_set of the transform function, but that doesn't matter unless the
    transform function changes the rowbuf size, and that is only valid if
    transform_info is called.
  Corrected a misplaced closing bracket in contrib/libtests/pngvalid.c
    (Flavio Medeiros).
  Corrected length written to uncompressed iTXt chunks (Samuli Suominen).
2013-04-15 22:33:41 +00:00
kim
cc611c7e14 Updated graphics/png to 1.6.1 [kim 2013-04-01]
Version 1.6.1beta06 [March 4, 2013]
  Better documentation of unknown handling API interactions.
  Corrected Android builds and corrected libpng.vers with symbol
    prefixing This adds an API to set optimization options externally,
    providing an alternative and general solution for the non-portable
    run-time tests used by the ARM Neon code.  It also makes those tests
    compile and link on Android.
  The order of settings vs options in pnglibconf.h is reversed to allow
    settings to depend on options and options can now set (or override) the
    defaults for settings.

Version 1.6.1beta07 [March 7, 2013]
  Corrected simplified API default gamma for color-mapped output, added
    a flag to change default. In 1.6.0 when the simplified API was used
    to produce color-mapped output from an input image with no gamma
    information the gamma assumed for the input could be different from
    that assumed for non-color-mapped output.  In particular 16-bit depth
    input files were assumed to be sRGB encoded, whereas in the 'direct'
    case they were assumed to have linear data.  This was an error.  The
    fix makes the simplified API treat all input files the same way and
    adds a new flag to the png_image::flags member to allow the
    application/user to specify that 16-bit files contain sRGB data
    rather than the default linear.
  Fixed bugs in the pngpixel and makepng test programs.

Version 1.6.1beta08 [March 7, 2013]
  Fixed CMakelists.txt to allow building a single variant of the library
    (Claudio Bley):
  Introduced a PNG_LIB_TARGETS variable that lists all activated library
    targets.  It is an error if this variable ends up empty, ie. you have
    to build at least one library variant.
  Made the *_COPY targets only depend on library targets actually being build.
  Use PNG_LIB_TARGETS to unify a code path.
  Changed the CREATE_SYMLINK macro to expect the full path to a file as the
    first argument. When symlinking the filename component of that path is
    determined and used as the link target.
  Use copy_if_different in the CREATE_SYMLINK macro.

Version 1.6.1beta09 [March 13, 2013]
  Eliminated two warnings from the Intel C compiler. The warnings are
    technically valid, although a reasonable treatment of division would
    show it to be incorrect.

Version 1.6.1rc01 [March 21, 2013]
  No changes.

Version 1.6.1 [March 28, 2013]
  No changes.
2013-04-01 18:26:12 +00:00
wiz
a72187dd20 Update to 1.6.1beta05 for a bugfix needed by wm/awesome (via
ImageMagick).

Version 1.6.1beta01 [February 16, 2013]
  Made symbol prefixing work with the ARM neon optimizations. Also allow
    pngpriv.h to be included for preprocessor definitions only, so it can
    be used in non-C/C++ files. Back ported from libpng 1.7.
  Made sRGB check numbers consistent.
  Ported libpng 1.5 options.awk/dfn file handling to 1.6, fixed one bug.
  Removed cc -E workround, corrected png_get_palette_max API Tested on
    SUN OS cc 5.9, which demonstrates the tokenization problem previously
    avoided by using /lib/cpp.  Since all .dfn output is now protected in
    double quotes unless it is to be macro substituted the fix should
    work everywhere.
  Enabled parallel tests - back ported from libpng-1.7.
  scripts/pnglibconf.dfa formatting improvements back ported from libpng17.
  Fixed a race condition in the creation of the build 'scripts' directory
    while building with a parallel make.
  Use approved/supported Android method to check for NEON, use Linux/POSIX
    1003.1 API to check /proc/self/auxv avoiding buffer allocation and other
    library calls (ported from libpng15).

Version 1.6.1beta02 [February 19, 2013]
  Use parentheses more consistently in "#if defined(MACRO)" tests.
  Folded long lines.
  Reenabled code to allow zero length PLTE chunks for MNG.

Version 1.6.1beta03 [February 22, 2013]
  Fixed ALIGNED_MEMORY support.
  Allow run-time ARM NEON checking to be disabled. A new configure option:
    --enable-arm-neon=always will stop the run-time checks. New checks
    within arm/arm_init.c will cause the code not to be compiled unless
    __ARM_NEON__ is set. This should make it fail safe (if someone asks
    for it on then the build will fail if it can't be done.)
  Updated the INSTALL document.

Version 1.6.1beta04 [February 27, 2013]
  Revised INSTALL to recommend using CPPFLAGS instead of INCLUDES.
  Revised scripts/makefile.freebsd to respect ZLIBLIB and ZLIBINC.
  Revised scripts/dfn.awk to work with the buggy MSYS awk that has trouble
    with CRLF line endings.

Version 1.6.1beta05 [March 2, 2013]
  Avoid a possible memory leak in contrib/gregbook/readpng.c
  Fixed bug introduced in libpng-1.6.0beta28 that causes libpng to handle chunks
    even when they have been tagged PNG_HANDLE_CHUNK_NEVER.
2013-03-02 10:55:25 +00:00
wiz
8f0bb77899 Update to 1.6.0:
This release adds a "simplified API" and removes some features
that have been deprecated since libpng.1.5.x.

Changes to Libpng from version 1.5.x to 1.6.x:

A "simplified API" has been added (see documentation in png.h and a simple
example in contrib/examples/pngtopng.c).  The new publicly visible API
includes the following:

   macros:
     PNG_FORMAT_*
     PNG_IMAGE_*
   structures:
     png_control
     png_image
   read functions
     png_image_begin_read_from_file()
     png_image_begin_read_from_stdio()
     png_image_begin_read_from_memory()
     png_image_finish_read()
     png_image_free()
   write functions
     png_image_write_to_file()
     png_image_write_to_stdio()

Starting with libpng-1.6.0, you can configure libpng to prefix all exported
symbols, using the PNG_PREFIX macro.

We no longer include string.h in png.h.  The include statement has been moved
to pngpriv.h, where it is not accessible by applications.  Applications that
need access to information in string.h must add an '#include "string.h"'
directive.  It does not matter whether this is placed prior to or after
the '"#include png.h"' directive.

The following API are now DEPRECATED:
   png_info_init_3()
   png_convert_to_rfc1123() which has been replaced
     with png_convert_to_rfc1123_buffer()
   png_data_freer()
   png_malloc_default()
   png_free_default()
   png_reset_zstream()

The following has been removed:
   png_get_io_chunk_name(), which has been replaced
     with png_get_io_chunk_type().  The new
     function returns a 32-bit integer instead of
     a string.
   The png_sizeof(), png_strlen(), png_memcpy(), png_memcmp(), and
     png_memset() macros are no longer used in the libpng sources and
     have been removed.  These had already been made invisible to
applications
     (i.e., defined in the private pngpriv.h header file) since
libpng-1.5.0.

The signatures of many exported functions were changed, such that
   png_structp became png_structrp or png_const_structrp
   png_infop became png_inforp or png_const_inforp
where "rp" indicates a "restricted pointer".

Error detection in some chunks has improved; in particular the iCCP chunk
reader now does pretty complete validation of the basic format.  Some bad
profiles that were previously accepted are now rejected, in particular the
very old broken Microsoft/HP sRGB profile.

The library now issues a warning if both background processing and RGB to
gray are used when gamma correction happens. As with previous versions of
the library the results are numerically very incorrect in this case.

There are some minor arithmetic changes in some transforms such as
png_set_background(), that might be detected by certain regression tests.

Unknown chunk handling has been improved internally, without any API change.
This adds more correct option control of the unknown handling, corrects
a pre-existing bug where the per-chunk 'keep' setting is ignored, and makes
it possible to skip IDAT chunks in the sequential reader.
2013-02-16 11:16:06 +00:00
wiz
559d7db9b4 Update to 1.5.14:
Changes since the last public release (1.5.13):
  Added -DZ_SOLO to contrib/pngminim/*/makefile to work with zlib-1.2.7
  Warn about the incorrect runtime library setting for VS2010 debug DLL builds.
  Fixed build when using #define PNG_NO_READ_GAMMA in png_do_compose() in
    pngrtran.c (Domani Hannes).
  Check for png_ptr==NULL earlier in png_zalloc().
  Ignore, with a warning, out-of-range value of num_trans in png_set_tRNS().
  Rearranged building of ARM NEON optimizations. The ARM specific code is
    split out entirely to the arm subdirectory and changes to configure.acand
    Makefile.am to add new stuff are reduced.  Now material code changes,
    although for build test purposes, --enable-arm-neon now builds on non-ARM
    systems.
  Rebuilt Makefile.in, configure, etc., with autoconf-2.69 and automake-1.12.5.
  Fixed cases of unquoted DESTDIR in Makefile.am
  Fixed a minor bug in types to malloc and major bug in handling compressed
    iTXt. Compressed iTXt could not be handled.
  Cleaned up whitespace in the synopsis portion of the manpage "libpng.3"
  Disassembled the version number in scripts/options.awk (necessary for
    building on SunOs).
  Fixed Windows build issues, enabled ARM compilation. Various warnings issued
    by earlier versions of GCC fixed for Cygwin and Min/GW (which both use old
    GCCs.) ARM support is enabled by default in zlib.props (unsupported by
    Microsoft) and ARM compilation is made possible by deleting the check for
    x86. The test programs cannot be run because they are not signed.
  Fixed 'make distcheck' on SUN OS - libpng.so was not being removed
  Replaced AM_CONFIG_HEADER(config.h) with AC_CONFIG_HEADERS([config.h])
    in configure.ac
  De-configured build fixes to make a range of deconfiguration options (such
    as switching off read or write support) work in more cases.  Also upgraded
    pngtest and pngvalid to the libpng 1.6 versions (with some modifications)
    which provide more extensive testing.  Replaced pngtest.png because pngtest
    writes the ancillary chunks in a different order.
  Check validity of "num_unknowns" parameter of png_set_unknown_chunks()
    (Bug report from yuris).
  Check the validity of the "nentries" parameter of png_set_sPLT() and the
  "num_text" parameter of png_set_text_2().
2013-01-24 08:15:50 +00:00
asau
08f35c7155 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-06 14:10:39 +00:00
wiz
88edc8d491 Update to 1.5.13:
Version 1.5.13beta01 [August 8, 2012]
  Do not compile PNG_DEPRECATED, PNG_ALLOC and PNG_PRIVATE when __GNUC__ < 3.
  Removed references to png_zalloc() and png_zfree() from the manual.
  Revised PNG_FP_EXPORT and PNG_FIXED_EXPORT macros to avoid generating
    lone semicolons (patch ported from libpng-1.6.0beta11).

Version 1.5.13beta02 [September 10, 2012]
  Corrected handling of the image array and the row_pointers array in example.c
  When png_set_filler is used to strip a filler channel during write, the
    code prior to 1.5 would ignore the case where the output required an
    alpha channel or when the output was a palettized PNG.  In libpng-1.5 the
    ignorance was lost and libpng proceeded to strip the channel resulting
    in a bad (potential memory overwrite) failure later.  This reverts
    the behavior to the pre-1.5 state but issues a warning. libpng-1.6 is
    expected to issue an error on the erroneous png_set_filler call.
  Use png_memset() consistently (pngmem.c contained some bare "memset" calls).

Version 1.5.13rc01 [September 17, 2012]
  No changes.

Version 1.5.13 [September 27, 2012]
  No changes.
2012-10-02 16:58:46 +00:00
wiz
fd1c22c3b7 Update to 1.5.12:
Removed scripts/makefile.cegcc from the *.zip and *.7z distributions; it
    depends on configure, which is not included in those archives.
  Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386.

I don't see CVS-2012-3386 as a vulnerability that applies to pkgsrc,
since to trigger it, you have to run 'make distcheck', and pkgsrc
never does that.
2012-07-11 09:00:41 +00:00
wiz
5610e35d8a Update to 1.5.11:
Version 1.5.11beta01 [April 28, 2012]
  Revised scripts/makefile.darwin: use system zlib; remove quotes around
    architecture list; add missing ppc architecture; add architecture options
    to shared library link; don't try to create a shared lib based on missing
    RELEASE variable.
  Enable png_set_check_for_invalid_index() for both read and write.
  Removed #ifdef PNG_HANDLE_AS_UNKNOWN_SUPPORTED/#endif in pngpriv.h around
    declaration of png_handle_unknown().
  Added -lssp_nonshared in a comment in scripts/makefile.freebsd
    and changed deprecated NOOBJ and NOPROFILE to NO_OBJ and NO_PROFILE.

Version 1.5.11rc01 [May 23, 2012]
  No changes.

Version 1.5.11rc02 [May 29, 2012]
  Fixed some typos in comments.
  Revised CMakeLists.txt to not attempt to make a symlink under mingw.
  Added two images to contrib/pngsuite (1-bit and 2-bit transparent grayscale),
    and renamed three whose names were inconsistent with those in
    pngsuite/README.txt.

Version 1.5.11rc03 [June 4, 2012]
  Do not depend upon a GCC feature macro being available for use in generating
    the linker mapfile symbol prefix.
  Made fixes for new optimization warnings from gcc 4.7.0. The compiler
    performed an optimization which is safe but then warned about it.
    Changing the type of 'palette_number' in pngvalid.c removes the warning.

Version 1.5.11rc04 [June 6, 2012]
  Improved performance of new do_check_palette_indexes() function.

Version 1.5.11rc05 [June 7, 2012]
  Don't check palette indexes if num_palette is 0 (as it can be in MNG files).

Version 1.5.11 [June 14, 2012]
  Include zlib.h in contrib/gregbook and contrib/visupng examples.
2012-06-14 15:40:35 +00:00
wiz
5d8180206d Update to 1.5.10 (security fix):
Version 1.5.10beta01 [February 24, 2012]
  Removed two useless #ifdef directives from pngread.c and one from pngrutil.c
  Always put the CMAKE_LIBRARY in "lib" (removed special WIN32 case).
  Removed empty vstudio/pngstest directory (Clifford Yapp).
  Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from
    pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c;
    now that png_ptr->buffer is inaccessible to applications, the special
    handling is no longer useful.
  Fixed bug with png_handle_hIST with odd chunk length (Frank Busse).
  Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h
    to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined.
    To enable, use "CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED" on the configure
    command or put "#define PNG_SAFE_LIMITS_SUPPORTED" in pnglibconf.h.
  Revised the SAFE_LIMITS feature to be the same as the feature in libpng16.
  Added information about the new limits in the manual.

Version 1.5.10beta02 [February 27, 2012]
  Updated Makefile.in

Version 1.5.10beta03 [March 6, 2012]
  Removed unused "current_text" members of png_struct and the png_free()
    of png_ptr->current_text from pngread.c
  Added palette-index checking. Issue a png_warning() if an invalid index is
    found.

Version 1.5.10beta04 [March 10, 2012]
  Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition.
  Fixed CMF optimization of non-IDAT compressed chunks, which was added at
    libpng-1.5.4.  It sometimes produced too small of a window.

Version 1.5.10beta05 [March 10, 2012]
  Reject all iCCP chunks after the first, even if the first one is invalid.
  Issue a png_benign_error() instead of png_warning() about bad palette index.
  Fixed an off-by-one error in the palette index checking function.
  Revised example.c to put text strings in a temporary character array
    instead of directly assigning string constants to png_textp members.
    This avoids compiler warnings when -Wwrite-strings is enabled.

Version 1.5.10 [March 29, 2012]
  Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice.
  Revised png_set_text_2() to avoid potential memory corruption (fixes
    CVE-2011-3048).
2012-03-29 13:26:33 +00:00
wiz
6a9b8ccbd7 Set some defaults so that CVE-2011-3026 will not repeat,
following suggestions from upstream.
Bump PKGREVISION.
2012-02-20 22:42:29 +00:00
tron
d7961ccc4c Update "libpng" package to version 1.5.9. There are no change since
version 1.5.9rc01 except of the minor detail that you can actually
fetch the distfile.
2012-02-19 09:26:39 +00:00
wiz
be1670669d Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.
Version 1.5.9beta01 [February 3, 2012]
  Rebuilt configure scripts in the tar distributions.

Version 1.5.9beta02 [February 16, 2012]
  Removed two unused definitions from scripts/pnglibconf.h.prebuilt
  Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
  Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h

Version 1.5.9rc01 [February 17, 2012]
  Fixed CVE-2011-3026 buffer overrun bug.  Deal more correctly with the test
    on iCCP chunk length. Also removed spurious casts that may hide problems
    on 16-bit systems.
2012-02-18 15:42:57 +00:00
drochner
18665ec075 fix possible buffer overflow due to integer overflow in malloc()
size calculation (2011-3026), patch from Chromium via Redhat/Debian
bump PKGREV
2012-02-18 15:16:59 +00:00
wiz
b3082f9743 Update to 1.5.8:
Version 1.5.8beta01 [January 15, 2011]
  Removed '#include config.h"' from contrib/libtests/pngvalid.c.  It's not
    needed and causes trouble for VPATH building.
  Moved AC_MSG_CHECKING([if libraries can be versioned]) later to the proper
    location in configure.ac (Gilles Espinasse).
  Fix bug in pngerror.c: some long warnings were being improperly truncated
    (bug introduced in libpng-1.5.3beta05).

Version 1.5.8rc01 [January 21, 2012]
  No changes.

Version 1.5.8rc02 [January 25, 2012]
  Fixed Min/GW uninstall to remove libpng.dll.a
  Conditionalize the install rules for MINGW and CYGWIN in CMakeLists.txt
2012-02-01 23:05:19 +00:00
wiz
3e01da33be png uses zlib license, just with very many (co)authors.
Set it, and remove separate png-license file.
Ok troxel
2012-01-30 13:18:53 +00:00
wiz
0b0f51d434 Update png to 1.5.7:
Changes since the last public release (1.5.6):
  Added support for ARM processor (Mans Rullgard)
  Fixed bug in pngvalid on early allocation failure; fixed type cast in
    pngmem.c; pngvalid would attempt to call png_error() if the allocation
    of a png_struct or png_info failed. This would probably have led to a
    crash.  The pngmem.c implementation of png_malloc() included a cast
    to png_size_t which would fail on large allocations on 16-bit systems.
  Fix for the preprocessor of the Intel C compiler. The preprocessor
    splits adjacent @ signs with a space; this changes the concatentation
    token from @-@-@ to PNG_JOIN; that should work with all compiler
    preprocessors.
  Paeth filter speed improvements from work by Siarhei Siamashka. This
    changes the 'Paeth' reconstruction function to improve the GCC code
    generation on x86. The changes are only part of the suggested ones;
    just the changes that definitely improve speed and remain simple.
    The changes also slightly increase the clarity of the code.
  Check compression_type parameter in png_get_iCCP and remove spurious
    casts. The compression_type parameter is always assigned to, so must
    be non-NULL. The cast of the profile length potentially truncated the
    value unnecessarily on a 16-bit int system, so the cast of the (byte)
    compression type to (int) is specified by ANSI-C anyway.
  Fixed FP division by zero in pngvalid.c; the 'test_pixel' code left
    the sBIT fields in the test pixel as 0, which resulted in a floating
    point division by zero which was irrelevant but causes systems where
    FP exceptions cause a crash. Added code to pngvalid to turn on FP
    exceptions if the appropriate glibc support is there to ensure this is
    tested in the future.
  Added versioning to pnglibconf.h comments.
  Installed more accurate linear to sRGB conversion tables. The slightly
    modified tables reduce the number of 16-bit values that
    convert to an off-by-one 8-bit value.  The "makesRGB.c" code that was used
    to generate the tables is now in a contrib/sRGBtables sub-directory.
  Added run-time detection of NEON support.
  Multiple transform bug fixes plus a work-round for double gamma correction.
    libpng does not support more than one transform that requires linear data
    at once - if this is tried typically the results is double gamma
    correction. Since the simplified APIs can need rgb to gray combined with
    a compose operation it is necessary to do one of these outside the main
    libpng transform code. This check-in also contains fixes to various bugs
    in compose and rgb to gray (on palette).
  Fixes for C++ compilation using g++ When libpng source is compiled
    using g++. The compiler imposes C++ rules on the C source; thus it
    is desireable to make the source work with either C or C++ rules
    without throwing away useful error information.  This change adds
    png_voidcast to allow C semantic (void*) cases or the corresponding
    C++ static_cast operation, as appropriate.
  Added --noexecstack to assembler file compilation. GCC does not set
    this on assembler compilation, even though it does on C compilation.
    This creates security issues if assembler code is enabled; the
    work-around is to set it by default in the flags for $(CCAS)
  Removed "zTXt" from warning in generic chunk decompression function.
  Validate time settings passed to pngset() and png_convert_to_rfc1123()
    (Frank Busse).
  Added MINGW support to CMakeLists.txt
  Reject invalid compression flag or method when reading the iTXt chunk.
  Moved pngvalid.c into contrib/libtests
  Rebuilt Makefile.in, configure, etc., with autoconf-2.68
  Replaced an "#if" with "#ifdef" in pngrtran.c
  Revised #if PNG_DO_BC block in png.c (use #ifdef and add #else)
  Revised pngconf.h to use " __declspec(restrict)" only when MSC_VER >= 1400,
    as in libpng-1.5.4.
  Put CRLF line endings in the owatcom project files.
  Updated CMakeLists.txt to account for the relocation of pngvalid.c
  Minor fixes to pngvalid.c for gcc 4.6.2 compatibility to remove warnings
    reported by earlier versions.
2011-12-15 17:16:26 +00:00
wiz
8278595a5a Update to 1.5.6, which integrated part of patch-aa (see beta04).
Version 1.5.6beta01 [September 22, 2011]
  Fixed some 64-bit type conversion warnings in pngrtran.c
  Moved row_info from png_struct to a local variable.
  The various interlace mask arrays have been made into arrays of
    bytes and made PNG_CONST and static (previously some arrays were
    marked PNG_CONST and some weren't).
  Additional checks have been added to the transform code to validate the
    pixel depths after the transforms on both read and write.
  Removed some redundant code from pngwrite.c, in png_destroy_write_struct().
  Changed chunk reading/writing code to use png_uint_32 instead of png_byte[4].
    This removes the need to allocate temporary strings for chunk names on
    the stack in the read/write code.  Unknown chunk handling still uses the
    string form because this is exposed in the API.

Version 1.5.6beta02 [September 26, 2011]
  Added a note in the manual the png_read_update_info() must be called only
    once with a particular info_ptr.
  Fixed a typo in the definition of the new PNG_STRING_FROM_CHUNK(s,c) macro.

Version 1.5.6beta03 [September 28, 2011]
  Revised test-pngtest.sh to report FAIL when pngtest fails.
  Added "--strict" option to pngtest, to report FAIL when the failure is
    only because the resulting valid files are different.
  Revised CMakeLists.txt to work with mingw and removed some material from
    CMakeLists.txt that is no longer useful in libpng-1.5.

Version 1.5.6beta04 [October 5, 2011]
  Fixed typo in Makefile.in and Makefile.am ("-M Wl" should be "-M -Wl")."

Version 1.5.6beta05 [October 12, 2011]
  Speed up png_combine_row() for interlaced images. This reduces the generality
    of the code, allowing it to be optimized for Adam7 interlace.  The masks
    passed to png_combine_row() are now generated internally, avoiding
    some code duplication and localizing the interlace handling somewhat.
  Align png_struct::row_buf - previously it was always unaligned, caused by
    a bug in the code that attempted to align it; the code needs to subtract
    one from the pointer to take account of the filter byte prepended to
    each row.
  Optimized png_combine_row() when rows are aligned. This gains a small
    percentage for 16-bit and 32-bit pixels in the typical case where the
    output row buffers are appropriately aligned. The optimization was not
    previously possible because the png_struct buffer was always misaligned.
  Fixed bug in png_write_chunk_header() debug print, introduced in 1.5.6beta01.

Version 1.5.6beta06 [October 17, 2011]
  Removed two redundant tests for unitialized row.
  Fixed a relatively harmless memory overwrite in compressed text writing
    with a 1 byte zlib buffer.
  Add ability to call png_read_update_info multiple times to pngvalid.c.
  Fixes for multiple calls to png_read_update_info. These fixes attend to
    most of the errors revealed in pngvalid, however doing the gamma work
    twice results in inaccuracies that can't be easily fixed.  There is now
    a warning in the code if this is going to happen.
  Turned on multiple png_read_update_info in pngvalid transform tests.
  Prevent libpng from overwriting unused bits at the end of the image when
    it is not byte aligned, while reading. Prior to libpng-1.5.6 libpng would
    overwrite the partial byte at the end of each row if the row width was not
    an exact multiple of 8 bits and the image is not interlaced.

Version 1.5.6beta07 [October 21, 2011]
  Made png_ptr->prev_row an aligned pointer into png_ptr->big_prev_row
    (Mans Rullgard).

Version 1.5.6rc01 [October 26, 2011]
  Changed misleading "Missing PLTE before cHRM" warning to "Out of place cHRM"

Version 1.5.6rc02 [October 27, 2011]
  Added LSR() macro to defend against buggy compilers that evaluate non-taken
    code branches and complain about out-of-range shifts.

Version 1.5.6rc03 [October 28, 2011]
  Renamed the LSR() macro to PNG_LSR() and added PNG_LSL() macro.
  Fixed compiler warnings with Intel and MSYS compilers. The logical shift
    fix for Microsoft Visual C is required by other compilers, so this
    enables that fix for all compilers when using compile-time constants.
    Under MSYS 'byte' is a name declared in a system header file, so we
    changed the name of a local variable to avoid the warnings that result.
  Added #define PNG_ALIGN_TYPE PNG_ALIGN_NONE to contrib/pngminim/*/pngusr.h

Version 1.5.6 [November 3, 2011]
  No changes.
2011-11-06 23:53:46 +00:00
hans
bcb7d1e0a2 Fix typo to make this build again on SunOS. 2011-10-05 16:23:39 +00:00
wiz
ff6cc22837 Update to 1.5.5 to fix CVE-2011-3328, requested by tron.
Version 1.5.5beta01 [July 13, 2011]
  Fixed some typos and made other minor changes in the manual.
  Updated contrib/pngminus/makefile.std (Samuli Souminen)

Version 1.5.5beta02 [July 14, 2011]
  Revised Makefile.am and Makefile.in to look in the right directory for
    pnglibconf.h.prebuilt

Version 1.5.5beta03 [July 27, 2011]
  Enabled compilation with g++ compiler.  This compiler does not recognize
    the file extension, so it always compiles with C++ rules.  Made minor
    changes to pngrutil.c to cast results where C++ expects it but C does not.
  Minor editing of libpng.3 and libpng-manual.txt.

Version 1.5.5beta04 [July 29, 2011]
  Revised CMakeLists.txt (Clifford Yapp)
  Updated commentary about the png_rgb_to_gray() default coefficients
    in the manual and in pngrtran.c

Version 1.5.5beta05 [August 17, 2011]
  Prevent unexpected API exports from non-libpng DLLs on Windows.  The "_DLL"
    is removed from the test of whether a DLL is being built (this erroneously
    caused the libpng APIs to be marked as DLL exports in static builds under
    Microsoft Visual Studio).  Almost all of the libpng building configuration
    is moved from pngconf.h to pngpriv.h, but PNG_DLL_EXPORT remains in
    pngconf.h, though, so that it is colocated with the import definition (it
    is no longer used anywhere in the installed headers).  The VStudio project
    definitions have been cleaned up: "_USRDLL" has been removed from the
    static library builds (this was incorrect), and PNG_USE_DLL has been added
    to pngvalid to test the functionality (pngtest does not supply it,
    deliberately).  The spurious "_EXPORTS" has been removed from the
    libpng build (all these errors were a result of copy/paste between project
    configurations.)
  Added new types and internal functions for CIE RGB end point handling to
    pngpriv.h (functions yet to be implemented).

Version 1.5.5beta06 [August 26, 2011]
  Ensure the CMAKE_LIBRARY_OUTPUT_DIRECTORY is set in CMakeLists.txt
    (Clifford Yap)
  Fixes to rgb_to_gray and cHRM XYZ APIs (John Bowler):
    The rgb_to_gray code had errors when combined with gamma correction.
    Some pixels were treated as true grey when they weren't and such pixels
    and true grey ones were not gamma corrected (the original value of the
    red component was used instead).  APIs to get and set cHRM using color
    space end points have been added and the rgb_to_gray code that defaults
    based on cHRM, and the divide-by-zero bug in png_handle_cHRM (CERT
    VU#477046, CVE-2011-3328, introduced in 1.5.4) have been corrected.
  A considerable number of tests has been added to pngvalid for the
    rgb_to_gray transform.
  Arithmetic errors in rgb_to_gray whereby the calculated gray value was
    truncated to the bit depth rather than rounded have been fixed except in
    the 8-bit non-gamma-corrected case (where consistency seems more important
    than correctness.)  The code still has considerable inaccuracies in the
    8-bit case because 8-bit linear arithmetic is used.

Version 1.5.5beta07 [September 7, 2011]
  Added "$(ARCH)" option to makefile.darwin
  Added SunOS support to configure.ac and Makefile.am
  Changed png_chunk_benign_error() to png_warning() in png.c, in
    png_XYZ_from_xy_checked().

Version 1.5.5beta08 [September 10, 2011]
  Fixed 64-bit compilation errors (gcc). The errors fixed relate
    to conditions where types that are 32 bits in the GCC 32-bit
    world (uLong and png_size_t) become 64 bits in the 64-bit
    world.  This produces potential truncation errors that the
    compiler correctly flags.
  Relocated new HAVE_SOLARIS_LD definition in configure.ac
  Constant changes for 64-bit compatibility (removal of L suffixes). The
    16-bit cases still use "L" as we don't have a 16-bit test system.

Version 1.5.5rc01 [September 17, 2011]
  Removed "L" suffixes from constants in pngpriv.h

Version 1.5.5 [September 22, 2011]
  No changes.
2011-09-28 05:34:08 +00:00
wiz
295a305730 Update to 1.5.4:
Version 1.5.3beta11 [June 11, 2011]
  Fixed png_handle_sCAL which is broken in 1.5; added sCAL to pngtest.png
  Revised documentation about png_set_user_limits() to say that it also affects
    png writing.
  Revised handling of png_set_user_limits() so that it can increase the
    limit beyond the PNG_USER_WIDTH|HEIGHT_MAX; previously it could only
    reduce it.
  Make the 16-to-8 scaling accurate. Dividing by 256 with no rounding is
    wrong (high by one) 25% of the time. Dividing by 257 with rounding is
    wrong in 128 out of 65536 cases. Getting the right answer all the time
    without division is easy.
  Added "_SUPPORTED" to the PNG_WRITE_CUSTOMIZE_ZTXT_COMPRESSION macro.
  Added projects/owatcom, an IDE project for OpenWatcom to replace
    scripts/makefile.watcom.  This project works with OpenWatcom 1.9. The
    IDE autogenerates appropriate makefiles (libpng.mk) for batch processing.
    The project is configurable, unlike the Visual Studio project, so long
    as the developer has an awk.
  Changed png_set_gAMA to limit the gamma value range so that the inverse
    of the stored value cannot overflow the fixed point representation,
    and changed other things OpenWatcom warns about.
  Revised pngvalid.c to test PNG_ALPHA_MODE_SUPPORTED correctly. This allows
    pngvalid to build when ALPHA_MODE is not supported, which is required if
    it is to build on libpng 1.4.
  Removed string/memory macros that are no longer used and are not
    necessarily fully supportable, particularly png_strncpy and png_snprintf.
  Added log option to pngvalid.c and attempted to improve gamma messages.

Version 1.5.3 [omitted]
  People found the presence of a beta release following an rc release
    to be confusing; therefore we bump the version to libpng-1.5.4beta01
    and there will be no libpng-1.5.3 release.

Version 1.5.4beta01 [June 14, 2011]
  Made it possible to undefine PNG_READ_16_TO_8_ACCURATE_SCALE_SUPPORTED
    to get the same (inaccurate) output as libpng-1.5.2 and earlier.
  Moved definitions of PNG_HAVE_IHDR, PNG_AFTER_IDAT, and PNG_HAVE_PLTE
    outside of an unknown-chunk block in png.h because they are also
    needed for other uses.

Version 1.5.4beta02 [June 14, 2011]
  Fixed and clarified LEGACY 16-to-8 scaling code.
  Added png_set_chop_16() API, to match inaccurate results from previous
    libpng versions.
  Removed the ACCURATE and LEGACY options (they are no longer useable)
  Use the old scaling method for background if png_set_chop_16() was
    called.
  Made png_set_chop_16() API removeable by disabling PNG_CHOP_16_TO_8_SUPPORTED

Version 1.5.4beta03 [June 15, 2011]
  Fixed a problem in png_do_expand_palette() exposed by optimization in
    1.5.3beta06
  Also removed a spurious and confusing "trans" member ("trans") from png_info.
  The palette expand optimization prevented expansion to an intermediate RGBA
    form if tRNS was present but alpha was marked to be stripped; this exposed
    a check for tRNS in png_do_expand_palette() which is inconsistent with the
    code elsewhere in libpng.
  Correction to the expand_16 code; removed extra instance of
    png_set_scale_16_to_8 from pngpriv.h

Version 1.5.4beta04 [June 16, 2011]
  Added a missing "#ifdef PNG_READ_BACKGROUND_SUPPORTED/#endif" in pngrtran.c
  Added PNG_TRANSFORM_CHOP_16 to the high-level read transforms.
  Made PNG_READ_16_TO_8_ACCURATE_SCALE configurable again.  If this is
    not enabled, png_set_strip_16() and png_do_scale_16_to_8() aren't built.
  Revised contrib/visupng, gregbook, and pngminim to demonstrate chop_16_to_8

Version 1.5.4beta05 [June 16, 2011]
  Renamed png_set_strip_16() to png_set_scale_16() and renamed
    png_set_chop_16() to png_set_strip(16) in an attempt to minimize the
    behavior changes between libpng14 and libpng15.

Version 1.5.4beta06 [June 18, 2011]
  Fixed new bug that was causing both strip_16 and scale_16 to be applied.

Version 1.5.4beta07 [June 19, 2011]
  Fixed pngvalid, simplified macros, added checking for 0 in sCAL.
    The ACCURATE scale macro is no longer defined in 1.5 - call the
    png_scale_16_to_8 API.  Made sure that PNG_READ_16_TO_8 is still defined
    if the png_strip_16_to_8 API is present.  png_check_fp_number now
    maintains some state so that positive, negative and zero values are
    identified.  sCAL uses these to be strictly spec conformant.

Version 1.5.4beta08 [June 23, 2011]
  Fixed pngvalid if ACCURATE_SCALE is defined.
  Updated scripts/pnglibconf.h.prebuilt.

Version 1.5.4rc01 [June 30, 2011]
  Define PNG_ALLOCATED to "restrict" only if MSC_VER >= 1400.

Version 1.5.4 [July 7, 2011]
  no changes.
2011-07-08 17:47:58 +00:00
wiz
89c4f92b14 Update to 1.5.3rc02 for a security fix.
Version 1.5.3beta07 [May 11, 2011]
  Added expand_16 support to the high level interface.
  Added named value and 'flag' gamma support to png_set_gamma.  Made a minor
    change from the previous (unreleased) ABI/API to hide the exact value used
    for Macs - it's not a good idea to embed this in the ABI!
  Moved macro definitions for PNG_HAVE_IHDR, PNG_HAVE_PLTE, and PNG_AFTER_IDAT
    from pngpriv.h to png.h because they must be visible to applications
    that call png_set_unknown_chunks().
  Check for up->location !PNG_AFTER_IDAT when writing unknown chunks
    before IDAT.

Version 1.5.3beta08 [May 16, 2011]
  Improved "pngvalid --speed" to exclude more of pngvalid from the time.
  Documented png_set_alpha_mode(), other changes in libpng.3/libpng-manual.txt
  The cHRM chunk now sets the defaults for png_set_rgb_to_gray() (when negative
    parameters are supplied by the caller), while in the absence of cHRM
    sRGB/Rec 709 values are still used.
  The bKGD chunk no longer overwrites the background value set by
    png_set_background(), allowing the latter to be used before the file
    header is read. It never performed any useful function to override
    the default anyway.
  Added memory overwrite and palette image checks to pngvalid.c
    Previously palette image code was poorly checked. Since the transformation
    code has a special palette path in most cases this was a severe weakness.
  Minor cleanup and some extra checking in pngrutil.c and pngrtran.c. When
    expanding an indexed image, always expand to RGBA if transparency is
    present.

Version 1.5.3beta09 [May 17, 2011]
  Reversed earlier 1.5.3 change of transformation order; move png_expand_16
    back where it was.  The change doesn't work because it requires 16-bit
    gamma tables when the code only generates 8-bit ones.  This fails
    silently; the libpng code just doesn't do any gamma correction.  Moving
    the tests back leaves the old, inaccurate, 8-bit gamma calculations, but
    these are clearly better than none!

Version 1.5.3beta10 [May 20, 2011]

  png_set_background() and png_expand_16() did not work together correctly.
    This problem is present in 1.5.2; if png_set_background is called with
    need_expand false and the matching 16 bit color libpng erroneously just
    treats it as an 8-bit color because of where png_do_expand_16 is in the
    transform list.  This simple fix reduces the supplied colour to 8-bits,
    so it gets smashed, but this is better than the current behavior.
  Added tests for expand16, more fixes for palette image tests to pngvalid.
    Corrects the code for palette image tests and disables attempts to
    validate palette colors.

Version 1.5.3rc01 [June 3, 2011]
  No changes.

Version 1.5.3rc02 [June 7, 2011]
  Fixed 1-byte uninitialized memory reference in png_format_buffer() (Bug
    report by Frank Busse, related to CVE-2004-0421).
2011-06-08 06:58:58 +00:00
wiz
7674b6e376 regen for targz change 2011-05-08 09:11:08 +00:00
wiz
fb373c4d50 Update to 1.5.3beta06:
Version 1.5.3beta06 [May 8, 2011]
  Removed the -D_ALL_SOURCE from definitions for AIX in CMakeLists.txt
  Implemented premultiplied alpha support: png_set_alpha_mode API
2011-05-08 09:09:20 +00:00
obache
15ca6908ad Switch to use default EXTRACT_SUFX for distfile, .tar.gz is the only long term
provided archive for libpng beta release.
2011-05-08 06:02:43 +00:00
adam
72730ee48e Changes 1.5.3beta05:
* Added the "_POSIX_SOURCE" feature test macro to ensure libpng sees the
  correct API. _POSIX_SOURCE is defined in pngpriv.h, pngtest.c and
  pngvalid.c to ensure that POSIX conformant systems disable non-POSIX APIs.
* Removed png_snprintf and added formatted warning messages.  This change adds
  internal APIs to allow png_warning messages to have parameters without
  requiring the host OS to implement snprintf.  As a side effect the
  dependency of the tIME-supporting RFC1132 code on stdio is removed and
  PNG_NO_WARNINGS does actually work now.
* Added PNG_WRITE_OPTIMIZE_CMF_SUPPORTED macro to make the zlib "CMF" byte
  optimization configureable.
* IDAT compression failed if preceded by a compressed text chunk (bug
  introduced in libpng-1.5.3beta01-02).  This was because the attempt to
  reset the zlib stream in png_write_IDAT happened after the first IDAT
  chunk had been deflated - much too late.  In this change internal
  functions were added to claim/release the z_stream and, hopefully, make
  the code more robust.  Also deflateEnd checking is added - previously
  libpng would ignore an error at the end of the stream.
2011-05-06 07:19:22 +00:00
wiz
dc02548c48 Update to 1.5.3beta04 to fix a regression reported on tech-pkg (see beta03,
last entry).

Version 1.5.3beta01 [April 1, 2011]
  Re-initialize the zlib compressor before compressing non-IDAT chunks.
  Added API functions to set parameters for zlib compression of non-IDAT
    chunks.

Version 1.5.3beta02 [April 3, 2011]
  Updated scripts/symbols.def with new API functions.
  Only compile the new zlib re-initializing code when text or iCCP is
    supported, using PNG_WRITE_COMPRESSED_TEXT_SUPPORTED macro.
  Improved the optimization of the zlib CMF byte (see libpng-1.2.6beta03).
  Optimize the zlib CMF byte in non-IDAT compressed chunks

Version 1.5.3beta03 [April 16, 2011]
  Fixed gcc -ansi -pedantic compile. A strict ANSI system does not have
    snprintf, and the "__STRICT_ANSI__" detects that condition more reliably
    than __STDC__ (John Bowler).
  Removed the PNG_PTR_NORETURN attribute because it too dangerous. It tells
    the compiler that a user supplied callback (the error handler) does not
    return, yet there is no guarantee in practice that the application code
    will correctly implement the error handler because the compiler only
    issues a warning if there is a mistake (John Bowler).
  Removed the no-longer-used PNG_DEPSTRUCT macro.
  Updated the zlib version to 1.2.5 in the VStudio project.
  Fixed 64-bit builds where png_uint_32 is smaller than png_size_t in
    pngwutil.c (John Bowler).
  Fixed bug with stripping the filler or alpha channel when writing, that
    was introduced in libpng-1.5.2beta01 (bug report by Andrew Church).

Version 1.5.3beta04 [April 27, 2011]
  Updated pngtest.png with the new zlib CMF optimization.
  Cleaned up conditional compilation code and of background/gamma handling
    Internal changes only except a new option to avoid compiling the
    png_build_grayscale_palette API (which is not used at all internally.)
    The main change is to move the transform tests (READ_TRANSFORMS,
    WRITE_TRANSFORMS) up one level to the caller of the APIs.  This avoids
    calls to spurious functions if all transforms are disabled and slightly
    simplifies those functions.  Pngvalid modified to handle this.
    A minor change is to stop the strip_16 and expand_16 interfaces from
    disabling each other; this allows the future alpha premultiplication
    code to use 16-bit intermediate values while still producing 8-bit output.
    png_do_background and png_do_gamma have been simplified to take a single
    pointer to the png_struct rather than pointers to every item required
    from the png_struct. This makes no practical difference to the internal
    code.
  A serious bug in the pngvalid internal routine 'standard_display_init' has
    been fixed - this failed to initialize the red channel and accidentally
    initialized the alpha channel twice.
  Changed png_struct jmp_buf member name from png_jmpbuf to tmp_jmpbuf to
    avoid a clash with the png_jmpbuf macro on some platforms.
2011-05-03 09:07:35 +00:00
wiz
9ce2aeae85 Update to 1.5.2:
Version 1.5.2beta01 [February 13, 2011]
  More -Wshadow fixes for older gcc compilers.  Older gcc versions apparently
    check formal parameters names in function declarations (as well as
    definitions) to see if they match a name in the global namespace.
  Revised PNG_EXPORTA macro to not use an empty parameter, to accommodate the
    old VisualC++ preprocessor.
  Turned on interlace handling in png_read_png().
  Fixed gcc pendantic warnings.
  Handle longjmp in Cygwin.
  Fixed png_get_current_row_number() in the interlaced case.
  Cleaned up ALPHA flags and transformations.
  Implemented expansion to 16 bits.

Version 1.5.2beta02 [February 19, 2011]
  Fixed mistake in the descriptions of user read_transform and write_transform
    function prototypes in the manual.  The row_info struct is png_row_infop.
  Reverted png_get_current_row_number() to previous (1.5.2beta01) behavior.
  Corrected png_get_current_row_number documentation
  Fixed the read/write row callback documentation.
    This documents the current behavior, where the callback is called after
    every row with information pertaining to the next row.

Version 1.5.2beta03 [March 3, 2011]
  Fixed scripts/makefile.vcwin32
  Updated contrib/pngsuite/README to add the word "modify".
  Define PNG_ALLOCATED to blank when _MSC_VER<1300.

Version 1.5.2rc01 [March 19, 2011]
  Define remaining attributes to blank when MSC_VER<1300.
  ifdef out mask arrays in pngread.c when interlacing is not supported.

Version 1.5.2rc02 [March 22, 2011]
  Added a hint to try CPP=/bin/cpp if "cpp -E" fails in scripts/pnglibconf.mak
    and in contrib/pngminim/*/makefile, eg., on SunOS 5.10, and removed "strip"
    from the makefiles.
  Fixed a bug (present since libpng-1.0.7) that makes png_handle_sPLT() fail
    to compile when PNG_NO_POINTER_INDEXING is defined (Chubanov Kirill)

Version 1.5.2rc03 [March 24, 2011]
  Don't include standard header files in png.h while building the symbol table,
    to avoid cpp failure on SunOS (introduced PNG_BUILDING_SYMBOL_TABLE macro).

Version 1.5.2 [March 31, 2011]
2011-04-05 12:47:56 +00:00
adam
a6cfed8852 Fix building with Clang 2011-02-04 23:35:29 +00:00
wiz
c5f97146ad Update to 1.5.1:
Version 1.5.1beta10 [January 27, 2010]
  Fixed incorrect examples of callback prototypes in the manual, that were
    introduced in libpng-1.0.0.
  In addition the order of the png_get_uint macros with respect to the
    relevant function definitions has been reversed.  This helps the
    preprocessing of the symbol files be more robust.  Furthermore, the
    symbol file preprocessing now uses -DPNG_NO_USE_READ_MACROS even when
    the library may actually be built with PNG_USE_READ_MACROS; this stops
    the read macros interfering with the symbol file format.
  Made the manual, synopses, and function prototypes use the function
    argument names file_gamma, int_file_gamma, and srgb_intent consistently.

Version 1.5.1beta11 [January 28, 2011]
  Changed PNG_UNUSED from "param=param;" to "{if(param){}}".
  Corrected local variable type in new API png_process_data_skip()
    The type was self-evidently incorrect but only causes problems on 64 bit
    architectures.
  Added transform tests to pngvalid and simplified the arguments.

Version 1.5.1rc01 [January 29, 2011]
  No changes.

Version 1.5.1rc02 [January 31, 2011]
  Added a request in the manual that applications do not use "png_" or
    "PNG_" to begin any of their own symbols.
  Changed PNG_UNUSED to "(void)param;" and updated the commentary in pngpriv.h

Version 1.5.1 [February 3, 2011]
  No changes.
2011-02-03 09:20:58 +00:00
adam
c8d897c797 Changes 1.5.1beta09:
Enhanced pngvalid, corrected an error in gray_to_rgb, corrected doc error.
  pngvalid contains tests of transforms, which tests are currently disabled
  because they are incompletely tested.  gray_to_rgb was failing to expand
  the bit depth for smaller bit depth images; this seems to be a long
  standing error and resulted, apparently, in invalid output.  The
  documentation did not accurately describe what libpng really does when
  converting RGB to gray.
2011-01-24 08:08:37 +00:00
wiz
fd94d279aa Update to 1.5.1beta08. Integrates a better version of patch-ac and tries
to fix the Solaris build problem reported in PR 44428.

Version 1.5.1beta07 [January 22, 2011]
  In the manual, describe the png_get_IHDR() arguments in the correct order.
  Added const_png_structp and const_png_infop types, and used them in
    prototypes for most png_get_*() functions.

Version 1.5.1beta08 [January 23, 2011]
  Added png_get_io_chunk_type() and deprecated png_get_io_chunk_name()
  Added synopses for the IO_STATE functions and other missing synopses
    to the manual. Removed the synopses from libpngpf.3 because they
    were out of date and no longer useful.  Better information can be
    obtained by reading the prototypes and comments in pngpriv.h
  Attempted to fix cpp on Solaris with S. Studio 12 cc, fix build
    Added a make macro DFNCPP that is a CPP that will accept the tokens in
    a .dfn file and adds configure stuff to test for such a CPP.  ./configure
    should fail if one is not available.
  Corrected const_png_ in png.h to png_const_ to avoid polluting the namespace.
  Added png_get_current_row_number and png_get_current_pass_number for the
    benefit of the user transform callback.
  Added png_process_data_pause and png_process_data_skip for the benefit of
    progressive readers that need to stop data processing or want to optimize
    skipping of unread data (e.g., if the reader marks a chunk to be skipped.)
2011-01-23 11:24:54 +00:00
wiz
df1ea092f8 Update to 1.5.1beta06:
Version 1.5.1beta02 [January 14, 2011]
  Fixed a bug in handling of interlaced images (bero at arklinux.org).
  Updated CMakeLists.txt (Clifford Yapp)

Version 1.5.1beta03 [January 14, 2011]
  Fixed typecasting of some png_debug() statements (Cosmin)

Version 1.5.1beta04 [January 16, 2011]
  Updated documentation of png_set|get_tRNS() (Thomas Klausner).
  Mentioned in the documentation that applications must #include "zlib.h"
    if they need access to anything in zlib.h, and that a number of
    macros such as png_memset() are no longer accessible by applications.
  Corrected pngvalid gamma test "sample" function to access all of the color
    samples of each pixel, instead of sampling the red channel three times.
  Prefixed variable names index, div, exp, gamma with "png_" to avoid "shadow"
    warnings, and (mistakenly) changed png_exp() to exp().

Version 1.5.1beta05 [January 16, 2011]
  Changed variable names png_index, png_div, png_exp, and png_gamma to
    char_index, divisor, exp_b10, and gamma_val, respectively, and
    changed exp() back to png_exp().

Version 1.5.1beta06 [January 20, 2011]
  Prevent png_push_crc_skip() from hanging while reading an unknown chunk
    or an over-large compressed zTXt chunk with the progressive reader.
  Eliminated more GCC "shadow" warnings.
  Revised png_fixed() in png.c to avoid compiler warning about reaching the
    end without returning anything.
2011-01-21 23:42:17 +00:00
wiz
3d75e21402 Update to 1.5.1beta01:
1.5.1beta01 contains a security fix for 1.5.0.

The current public release, libpng 1.5.0, continues the evolution
of the libpng API, finally hiding the contents of the venerable
and hoary png_struct and png_info data structures inside private
(i.e., non-installed) header files. (Apps that compiled with libpng
1.4 without warnings about deprecated features should happily
compile with 1.5, too.) It also includes a new, more thorough test
program (pngvalid.c), a new pnglibconf.h header file that tracks
what features were enabled or disabled when libpng was built, and
huge thanks to John Bowler, who did most of the work. Complete
differences relative to libpng 1.4.x are detailed at
http://www.libpng.org/pub/png/src/libpng-1.4.x-to-1.5.x-summary.txt .

Since the shlib name changed, next up: PKGREVISION++ all across pkgsrc.
2011-01-13 13:27:21 +00:00
wiz
e2512d11af Update to 1.4.5:
version 1.4.5beta01 [September 25, 2010]
  Fixed possible configure.ac bug introduced in version 1.4.4rc05.
  Rebuilt configure scripts with autoconf-2.68 instead of autoconf-2.65

version 1.4.5beta02 [October 5, 2010]
  Reverted configure scripts to autoconf-2.65
  Fixed problem with symbols creation in Makefile.am which was assuming that
    all versions of cpp write to standard output by default (Martin Banky). The
    bug was introduced in libpng-1.2.9beta5.

version 1.4.5beta03 [October 8, 2010]
  Wrapped long lines in CMakeLists.txt and introduced ${libpng_public_hdrs}
  Undid Makefile.am revision of 1.4.5beta02.

version 1.4.5beta04 [November 8, 2010]
  Check for out-of-range text compression mode in png_set_text().

version 1.4.5rc01 [November 19, 2010]
  No changes.

version 1.4.5beta05 [November 20, 2010]
  Revised png_get_uint_32, png_get_int_32, png_get_uint_16 (Cosmin)
  Moved reading of file signature into png_read_sig (Cosmin)
  Fixed atomicity of chunk header serialization (Cosmin)
  Added test for io_state in pngtest.c (Cosmin)
  Added "#!/bin/sh" at the top of contrib/pngminim/*/gather.sh scripts.

version 1.4.5beta06 [November 21, 2010]
  Restored the parentheses in pngrutil.c; they are needed when the
    png_get_*int_*() functions are compiled (i.e., when PNG_USE_READ_MACROS
    is not defined).
  Make the "png_get_uint_16" macro return a png_uint_32 in libpng-1.4 for API
    compatibility.
  Changes to remove gcc warnings (John Bowler)
    Certain optional gcc warning flags resulted in warnings in libpng code.
    With these changes only -Wconversion and -Wcast-qual cannot be turned on.
    Changes are trivial rearrangements of code.  -Wconversion is not possible
    for pngrutil.c (because of the widespread use of += et al on variables
    smaller than (int) or (unsigned int)) and -Wcast-qual is not possible
    with pngwio.c and pngwutil.c because the 'write' callback and zlib
    compression both fail to declare their input buffers with 'const'.

version 1.4.5beta07 [November 25, 2010]
  Reverted png_get_uint_16 macro to beta05 and added comment about the
    potential API incompatibility.

version 1.4.5rc02 [December 2, 2010]
  No changes.

version 1.4.5rc03 [December 3, 2010]
  Added missing vstudio/*/*.vcxproj files to the zip and 7z distributions.

version 1.4.5 [December 9, 2010]
  Removed PNG_NO_WRITE_GAMMA from pngminim/encoder/pngusr.h
2010-12-10 12:37:26 +00:00
wiz
c43af5c8ec Update to 1.4.4:
version 1.4.4beta01 [July 12, 2010]
  Removed extraneous new_push_process_row.c file.
  Revised the "SEE ALSO" style of libpng.3, libpngpf.3, and png.5
  Removed some newly-added TAB characters from pngpread.c.
  Fixed some indentation in pngpread.c and pngrutil.c
  Changed "extern PNG_EXPORT" to "PNG_EXPORT" in png.h (Jan Nijtmans)
  Changed "extern" to "PNG_EXTERN" in pngpriv.h (except for the 'extern "C" {')
  Put "#ifndef PNG_EXTERN, #endif" around "#define PNG_EXTERN" in pngpriv.h

version 1.4.4beta02 [July 24, 2010]
  Added -DNO_PNG_SNPRINTF to CFLAGS in scripts/makefile.dj2
  Moved the definition of png_snprintf() outside of the enclosing
    #ifdef blocks in pngconf.h
  Added a special case typedef of png_longjmp_ptr for WATCOM.

version 1.4.4beta03 [July 24, 2010]
  Removed reference to cbuilder5/* from Makefile.in and Makefile.am
  Eliminated the new special case typedef of png_longjmp_ptr for WATCOM
    and made a special case "#define PNGAPI" in pngconf.h instead.

version 1.4.4beta04 [July 31, 2010]
  Updated the read macros and functions from 1.5.0beta38.

version 1.4.4beta05 [August 6, 2010]
  Updated projects/visualc71 so it can find scripts/pnglibconf.h
  Removed unused png_mem_* defines from pngconf.h.
  Correct use of _WINDOWS_ in pngconf.h

version 1.4.4beta06 [August 11, 2010]
  Don't try to use version-script with cygwin/mingw.
  Revised contrib/gregbook to work under cygwin/mingw.

version 1.4.4beta07 [August 26, 2010]
  Updated prebuilt aclocal.m4 and ltmain.sh
  Add .dll.a to the list of extensions to be symlinked by Makefile.am (Yaakov)
  Updated CMakeLists.txt to use CMAKE_INSTALL_LIBDIR variable; useful for
    installing libpng in /usr/lib64 (Funda Wang).
  Revised CMakeLists.txt to put the man pages in share/man/man* not man/man*
  Revised CMakeLists.txt to make symlinks instead of copies when installing.
  Changed PNG_LIB_NAME from pngNN to libpngNN in CMakeLists.txt (Philip Lowman)
  Moved "#include pngusr.h" ahead of PNG_USER_PRIVATEBUILD test in pngconf.h
  Eliminated a deprecated reference to png_ptr->io_ptr in pngtest.c
  Eliminated new unnecessary #if tests regarding the sCAL chunk from pngrutil.c

version 1.4.4beta08 [September 2, 2010]
  Updated the xcode project to work with libpng-1.4.x and added iOS targets
    for simulator and device (Philippe Hausler).

version 1.4.4rc01 [September 10, 2010]
  No changes.

version 1.4.4rc02 [September 13, 2010]
  Revised CMakeLists.txt (Philip Lowman).

version 1.4.4rc03 [September 14, 2010]
  Removed an extraneous close-double-quote from CMakeLists.txt
  Eliminated another deprecated reference to png_ptr->io_ptr in pngtest.c

version 1.4.4rc04 [September 16, 2010]
  Fixed indentation and removed debugging message from CMakeLists.txt
  Revised autogen.sh to recognize and use $AUTOCONF, $AUTOMAKE, $AUTOHEADER,
    $AUTOPOINT, $ACLOCAL and $LIBTOOLIZE

version 1.4.4rc05 [September 20, 2010]
  Rebuilt configure scripts with automake-1.11.1 instead of automake-1.11.
  Removed unused mkinstalldirs file.

version 1.4.4 [September 23, 2010]
  No changes.
2010-09-24 08:58:40 +00:00
wiz
ee9eca728f Security update to 1.4.3:
Several versions of libpng through 1.4.2 (and through 1.2.43 in
the older series) contain a bug whereby progressive applications
such as web browsers (or the rpng2 demo app included in libpng)
could receive an extra row of image data beyond the height reported
in the header, potentially leading to an out-of-bounds write to
memory (depending on how the application is written) and the
possibility of execution of an attacker's code with the privileges
of the libpng user (including remote compromise in the case of a
libpng-based browser visiting a hostile web site). This vulnerability
has been assigned ID CVE-2010-1205  (via Mozilla).

An additional memory-leak bug, involving images with malformed sCAL
chunks, is also present; it could lead to an application crash
(denial of service) when viewing such images.

Both bugs are fixed in versions 1.4.3 and 1.2.44.

version 1.4.3beta01 [June 18, 2010]
  Added missing quotation marks in the aix block of configure.ac
  The new "vstudio" project was missing from the zip and 7z distributions.
  In pngpread.c: png_push_have_row() add check for new_row > height

version 1.4.3beta02 [June 18, 2010]
  Removed the now-redundant check for out-of-bounds new_row from example.c

version 1.4.3beta03 [June 18, 2010]
  In pngpread.c: png_push_finish_row() add check for too many rows.

version 1.4.3beta04 [June 19, 2010]
  In pngpread.c: png_push_process_row() add check for too many rows.
  Removed the checks added in beta01 and beta03, as they are now redundant.

version 1.4.3beta05 [June 20, 2010]
  Rewrote png_process_IDAT_data to consistently treat extra data as warnings
    and handle end conditions more cleanly.
  Removed the new (beta04) check in png_push_process_row().

version 1.4.3rc01 [June 21, 2010]
  Revised some comments in png_process_IDAT_data().

version 1.4.3rc02 [June 22, 2010]
  Changed char *msg to PNG_CONST char *msg in pngrutil.c
  Stop memory leak when reading a malformed sCAL chunk.
  Removed some trailing blanks.

version 1.4.3rc03 [June 23, 2010]
  Revised pngpread.c patch of beta05 to avoid an endless loop.

version 1.4.3 [June 26, 2010]
  Updated some of the "last changed" dates.
2010-06-26 19:11:32 +00:00
wiz
e07a1fd986 Update to 1.4.2. Shared library name changes from libpn12.* to libpng14.*,
so bump ABI depends.

Remove libpng.* from package, instead use buildlink to help some packages
that are looking for the library themselves instead of using pkg-config
or libpng-config.

Changes:

version 1.4.2:
  Restored the macro definition of png_check_sig().
  Conditionally compile an "else" statement in png_decompress_chunk().
  Documented the fact that png_set_dither() was disabled since libpng-1.4.0.
  Reenabled png_set_dither() but renamed it to png_set_quantize() to reflect
    more accurately what it actually does.  At the same time, renamed
    the PNG_DITHER_[RED,GREEN_BLUE]_BITS macros to
    PNG_QUANTIZE_[RED,GREEN,BLUE]_BITS.
  Added some "(long)" typecasts to printf calls in png_handle_cHRM().
  Relaxed the overly-restrictive permissions of some files.
  Added the "vstudio" project to replace "visualc6" and "visualc71" which
    will be removed from libpng-1.5.0.
  Demonstrate in example.c that lang_key should be initialized.
  Set PNG_NO_READ_BGR, PNG_NO_IO_STATE, and PNG_NO_TIME_RFC1123 in
    contrib/pngminim/decoder/pngusr.h to make a smaller decoder application.
  Include png_reset_zstream() in png.c only when PNG_READ_SUPPORTED is defined.
  Removed dummy_inflate.c and uncompr.c from contrib/pngminim/encoder
  Corrected PNG_UNKNOWN_CHUNKS_SUPPORTED to PNG_HANDLE_AS_UNKNOWN_SUPPORTED
    in gregbook/readpng2.c
  Corrected protection of png_get_user_transform_ptr. The API declaration in
    png.h is removed if both READ and WRITE USER_TRANSFORM are turned off
    but was left defined in pngtrans.c
  Moved declarations of umsg[] inside the proper #ifdef blocks in pngrutil.c

version 1.4.1 [February 25, 2010]

  Updated CMakeLists.txt for consistent indentation and to avoid an
    unclosed if-statement warning (Philip Lowman).
  Revised Makefile.am and Makefile.in to remove references to Y2KINFO,
    KNOWNBUG, and libpng.la (Robert Schwebel).
  Revised the makefiles to install the same files and symbolic
    except for libpng.la and libpng14.la.
  Make png_set|get_compression_buffer_size() available even when
    PNG_WRITE_SUPPORTED is not enabled.
  Revised Makefile.am and Makefile.in to simplify their maintenance.
  Revised the makefiles to install a link to libpng14.so.14.1
  Removed png_set_premultiply_alpha() from scripts/*.def
  Revised png_decompress_chunk() to improve speed and memory usage when
    decoding large chunks, using a two-pass method suggested by John Bowler.
  Added png_set|get_chunk_malloc_max() functions.
  Relocated "int k" declaration in pngtest.c to minimize its scope.
  Folded some long lines in the source files.
  Added defineable PNG_USER_CHUNK_CACHE_MAX and PNG_USER_CHUNK_MALLOC_MAX
  Eliminated use of png_ptr->irowbytes and reused the slot in png_ptr as
    png_ptr->png_user_chunk_malloc_max.
  Return allocated "old_buffer" in png_push_save_buffer() before calling
    png_error(), to avoid a potential memory leak.
  Removed the cbuilder5 project, which has not been updated to 1.4.0.
  Complete rewrite of two-pass png_decompress_chunk() by John Bowler.
  Removed obsolete unused MMX-querying support from contrib/gregbook
  Removed the AIX redefinition of jmpbuf in png.h
  Define _ALL_SOURCE in configure.ac, makefile.aix, and CMakeLists.txt
    when using AIX compiler.
  Removed unused gzio.c from contrib/pngminim gather and makefile scripts


Changes to Libpng from version 1.2.42 to 1.4.0 (January 4, 2010)

Libpng-1.4.0 was released by the PNG Development Group on January
3, 2010.  Important new features include support for the iTXt chunk
and a function for limiting the amount of memory that a possibly
malicious compressed chunk can consume.  Some long-deprecated functions
and features have been removed.  A new private header file that is
not visible to applications has been created, to improve our ability
to maintain binary compatibility among future libpng versions.

Specifically,

1. Private libpng prototypes and macro definitions were moved from
png.h and pngconf.h into a new pngpriv.h header file that is not
visible to applications.

2. Some obsolete/deprecated macros and functions have been removed.

   a. We eliminated the obsolete, unused pnggccrd.c and pngvcrd.c files
      and related makefiles.

   b. We removed the typecasted NULL definitions such as

          #define png_voidp_NULL    (png_voidp)NULL

      If you used these in your application, just use NULL instead.

   c. We eliminated the PNG_1_0_X and PNG_1_2_X macros.

   d. We eliminated the PNG_LEGACY_SUPPORTED macro.

   e. We removed many WIN32_WCE #ifdefs.

   f. We removed the functions png_read_init(info_ptr),
      png_write_init(info_ptr), png_info_init(info_ptr),
      png_read_destroy(), and png_write_destroy().
      They have been deprecated since libpng-0.95.

   g. We removed the png_permit_empty_plte() function. It has been
      deprecated since libpng-1.0.9.  Use png_permit_mng_features() instead.

   h. We removed the obsolete stub functions png_get_mmx_flagmask(),
      png_set_mmx_thresholds(), png_get_asm_flags(),
      png_get_mmx_bitdepth_threshold(), png_get_mmx_rowbytes_threshold(),
      png_set_asm_flags(), and png_mmx_supported()

   i. We removed the obsolete png_check_sig(), png_memcpy_check(), and
      png_memset_check() functions.  Instead use !png_sig_cmp(),
      png_memcpy(), and png_memset(), respectively, i.e.,

      replace
        png_check_sig(buf, 8)
      with
        png_sig_cmp(buf, 0, 8) == 0

      replace
        png_memcpy_check(png_ptr, dest, src, length)
      with
        png_memcpy(dest, src, length)

      and replace
        png_memset_check(png_ptr, dest, value, length)
      with
        png_memset(dest, value, length)

   j. We removed support for global arrays to improve thread safety.

   k. We removed support for numbered error messages by default, since we
      never got around to actually numbering the error messages. The function
      png_set_strip_error_numbers() was removed from the library by default.

   l. The png_zalloc() and png_zfree() functions are no longer exported.
      The png_zalloc() function no longer zeroes out the memory that it
      allocates.

   m. The function png_set_gray_1_2_4_to_8() was removed. It has been
      deprecated since libpng-1.0.18 and 1.2.9, when it was replaced with
      png_set_expand_gray_1_2_4_to_8() because the former function also
      expanded palette images.

3. Several function prototypes were changed.

   a. We changed the prototype for png_malloc() from
      png_malloc(png_structp png_ptr, png_uint_32 size) to
      png_malloc(png_structp png_ptr, png_alloc_size_t size)

   b. We changed the prototypes of png_get_compression_buffer_size() and
      png_set_compression_buffer_size() to work with png_size_t instead of
      png_uint_32.

4. We added some new features:

   a. We enabled iTXt chunk support by default.  This changes the png_text
      structure by adding the itxt_length, lang, and lang_key members.

   b. We added the functions png_set_benign_errors(), png_benign_error(),
      and png_chunk_benign_error().  With these, you can choose to treat
      certain normally fatal errors as nonfatal.

   c. Support for setting the maximum amount of memory that the application
      will allocate for reading chunks was added, as a security measure.
      The functions png_set_chunk_cache_max() and png_get_chunk_cache_max()
      were added to the library.

   d. We added the png_calloc() function and used it in place of
      of "png_malloc(); png_memset();" except in the case in png_read_png()
      where the array consists of pointers; in this case a "for" loop is used
      after the png_malloc() to set the pointers to NULL, to give robust.
      behavior in case the application runs out of memory part-way through
      the process.

   e. We implemented support for I/O states by adding png_ptr member io_state
      and functions png_get_io_chunk_name() and png_get_io_state() in pngget.c

   f. We added PNG_TRANSFORM_GRAY_TO_RGB to the available high-level
      input transforms.

5. Other changes

   a. We changed the names of the png_struct and info_struct members "trans"
      and "trans_values" to "trans_alpha" and "trans_color", respectively.

   b. Checking for and reporting of errors in the IHDR chunk is more thorough.

   c. We removed the trailing '.' from the warning and error messages.

   d. Direct access to png_ptr->jmpbuf has been deprecated since libpng
      version 1.0.6, and libpng now generates a warning about it.

      To avoid such warnings, change
        setjmp(png_ptr->jmpbuf)

      to
        setjmp(png_jmpbuf(png_ptr))
2010-06-13 22:42:10 +00:00