0.7.7:
* Upgraded libpng to version 1.6.34.
* Upgraded zlib to version 1.2.11-optipng.
* Upgraded minitiff to version 0.2.
!! Fixed a buffer overflow vulnerability in the GIF decoder.
!! Fixed an integer overflow vulnerability in the TIFF decoder.
! Fixed the build on macOS High Sierra.
! Fixed the build on DJGPP.
* Disallowed out-of-bounds values in rangeset options.
-------------
* Upgraded libpng to version 1.6.21.
! Fixed an assertion failure in the image reduction code.
!! Fixed various security-sensitive defects in the BMP decoder.
! Fixed a benign uninitialized memory read in the GIF decoder.
! Fixed a build failure occurring under the Estonian (et_EE) locale.
! Fixed a build failure occurring on Mac OS X, FreeBSD, and possibly
other systems that lack POSIX-compliant high-resolution timestamps.
! Fixed a typo causing build failures in 32-bit ANSI C compilation.
Problems found with existing digests:
Package fotoxx distfile fotoxx-14.03.1.tar.gz
ac2033f87de2c23941261f7c50160cddf872c110 [recorded]
118e98a8cc0414676b3c4d37b8df407c28a1407c [calculated]
Package ploticus-examples distfile ploticus-2.00/plnode200.tar.gz
34274a03d0c41fae5690633663e3d4114b9d7a6d [recorded]
da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
Problems found locating distfiles:
Package AfterShotPro: missing distfile AfterShotPro-1.1.0.30/AfterShotPro_i386.deb
Package pgraf: missing distfile pgraf-20010131.tar.gz
Package qvplay: missing distfile qvplay-0.95.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
* Upgraded libpng to version 1.6.10-optipng.
* Upgraded zlib to version 1.2.8-optipng.
! Fixed various build issues with libpng-1.5 and libpng-1.6.
* Allowed the handling of huge image files (> millions of pixels
per row or column) to be independent of the libpng version.
+ Allowed the option -preserve to save the file ownership (UID/GID)
on Unix.
! Fixed a build issue with Clang.
+ Added various enhancements to the configure script.
Version 0.7.3 16-sep-2012
-------------
!! Fixed a use-after-free vulnerability in the palette reduction code.
This vulnerability was accidentally introduced in version 0.7.
* Upgraded libpng to version 1.4.12.
* Upgraded zlib to version 1.2.7-optipng.
! Fixed the display of huge (4GB+) file/IDAT sizes on 32-bit platforms.
! Issued a proper error message if the output IDAT can't fit in 2GB.
Acknowledged this limitation in the user manual.
(Thanks to John Sauter for the report.)
! Fixed the output file cleanup that should occur after a write error.
* Added the option -debug and various undocumented debug features.
* Moved the PNG reduction module (opngreduc) to a separate sub-project.
* Upgraded libpng to version 1.4.9.
* Upgraded zlib to version 1.2.6-optipng.
* Resolved a rarely-occurring out-of-bounds memory access error in
Z_RLE, by upgrading zlib.
* Added the popularly-requested option -strip.
The only suboption currently supported is "-strip all".
* Added the option -clobber.
* Added the option -backup, as an alias of -keep.
* Added the option -silent, as an alias of -quiet.
* Deprecated the option -log.
* Changed the activity display output from STDOUT to STDERR.
* Allowed the option -preserve to save high-resolution timestamps
on Unix, if the POSIX-1.2008 API is available. This feature was
previously available on Windows only.
* Fixed a minor precision error in the display of file size percents.
* Fixed a memory leak that occurred when reading broken GIF images.
* Fixed various build issues.
* Resolved all remaining compatibility issues with libpng-1.5.
* Added build support for clang.
* Reorganized the source directory structure.
* Upgraded libpng to version 1.4.5-optipng [private]
* Upgraded zlib to version 1.2.5-optipng [private]
* Fixed the I/O states (in libpng 1.4.5);
they caused incorrect file reads in some rare cases.
* Fixed processing of PNG files with chunks of size 0.
* Fixed a display error in the TIFF import.
* Improved checking of the arguments of -f, -zc, -zm and -zs.
* Removed quirks from the rangeset option argument syntax.
* Fixed a build issue under the system-supplied libpng-1.4.
* Resolved forward-compatibility issues regarding libpng-1.5;
however, the system-supplied libpng-1.5 is not yet supported.
* Added various enhancements to the configure+make build system.
* Added the option -nx.
* Clarified the behavior of -nz and the relation between -nz and -o0.
* Added a filesystem check (resolving normalized paths, symlinks, etc.)
to better detect when the output overwrites the input.
* Enabled automatic wildcard expansion (i.e. globbing) on Win64.
* Fixed a Unicode build issue on Windows.
* Fixed a use-after-free error in the GIF reader.
* Flushed the output log to display the current trial in real time.
* Fixed an error in reporting unrecognized file formats.
* Removed the requirement to "fix" TIFF files that contain unrecognized
metadata.
* Simplified the option abbreviation rules. Option names can now be
abbreviated to their shortest unique prefix, as in X11 applications.
* Upgraded libpng to version 1.2.33-optipng [private]
* Put back a speed optimization, accidentally removed in version 0.6,
allowing singleton trials (-o1) to be bypassed in certain conditions.
* Fixed an array overflow in the BMP reader.
* Fixed the loss of private chunks under the -snip option.
* Produced a more concise on-screen output in the non-verbose mode.
* Added a programming interface to the optimization engine, in order
to facilitate the development of PNG-optimizing GUI apps and plugins.
* Upgraded cexcept to version 2.0.1.
* Added a configure script, to be used instead of unix-secure.mak.
* Fixed a build issue that occured when using libpng from the system.
* Fixed processing when image reduction yields an output larger than
the original.
* Fixed behavior of -preserve.
* Removed displaying of partial progress when abandoning IDATs under
the -v option. The percentages displayed were not very accurate.
Changes 0.6:
* Upgraded libpng to version 1.2.29-optipng [private]
* Implemented grayscale(alpha)-to-palette reductions.
* Improved conversion of bKGD info during RGB-to-palette reductions.
* Fixed conversion of bKGD and tRNS during 16-to-8-bit reductions.
* Added support for compressed BMP (incl. PNG-compressed BMP, you bet!)
* Improved the speed of reading raw PNM files.
* Recognized PNG digital signatures (dSIG) and disabled optimization
in their presence, to preserve their integrity.
* Allowed the user to enforce the optimization of dSIG'ed files.
* Recognized APNG animation files and disabled reductions to preserve
their integrity.
* Added the -snip option, to allow the user to "snip" one image out of
a multi-image file, such as animated GIF, multi-page TIFF, or APNG.
* Improved recovery of PNG files with incomplete IDAT.
* Fixed a crash triggered by the use of -log on some platforms.
* Fixed behavior of -out and -dir when the input is already optimized.
* Provided more detailed image information at the start of processing.
* Provided a more detailed summary at the end of processing, under the
presence of the -v option and/or the occurence of exceptional events.
* Upgraded libpng to version 1.2.15-optipng [private]
* Used a previously-missed RGB-to-palette reduction opportunity
for images containing 256 distinct colors.
* Fixed conversion of bKGD info during rgb-to-palette reductions.
* Fixed pre-computation of iterations.
* Eliminated a false alarm when processing RGB images with tRNS
in Unix-secure mode.
* Fixed behavior of -out and -dir when changing interlacing.
* Fixed behavior of "-dir [DRIVE]:" on Windows.
* Added user options -out and -dir, to specify the name of
the output file or directory.
* Added support for builds based on the system-supplied libpng.
* Upgraded libpng to version 1.2.12-optipng [private]
* Implemented basic support for TIFF (grayscale, RGB and RGBA, uncompressed).
* Avoided the redundant trial when the search space is singular
(e.g. when running "optipng -o1 example.tif").
* Prevented accidental file corruption when using option "-log".
* Fixed (again) a small typo in the online help.
* Implemented bit depth reduction for palette images.
* Upgraded libpng to version 1.2.10-optipng [private]
* Improved the BMP support.
* Added a Unix man page.
* Allowed abbreviation of command-line options.
* Changed user option -log to accept a file name as an argument.
* Changed user option -no to -simulate.
* Fixed an error in handling .bak files on Unix.
* Fixed a small typo in the help screen.
* Added the GUIDE and THANKS documents.
* Converted some text document files to HTML.
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
++ Added pngxtern, a libpng add-on for external image format
support: BMP (uncompressed), GIF, PNM.
(This was incorporated from OptiPNG-Plus.)
++ Implemented RGB(A)-to-palette reductions.
+ If trials are ended prematurely, detailed progression is only
reported under the user option -v.
- Removed reporting of some IDAT sizes that exceeded the optimum.
(This was NOT a bug, but a "feature" that confused some users.)
! Fixed an RGB-to-gray reduction problem that occured under some
specific background colors.
+ Added support for builds based on the system-supplied zlib.
* Modified LICENSE. It is now a verbatim spell of the zlib license.
without losing any information. The idea has been inspired from pngcrush, and
is explained in detail in the PNG-Tech article: "A Guide to PNG optimization"
<http://www.cs.toronto.edu/~cosmin/pngtech/optipng.html>. The implementation
is carried forward in OptiPNG, which offers a faster execution per trial, and
a wider search space.