Changes since the last public release (1.2.8):
version 1.2.9 [April 14, 2006]
Initialized some structure members in pngwutil.c to avoid gcc-4.0.0 complaints
Fixed an incorrect typecast in pngrutil.c
Added PNG_NO_READ_SUPPORTED conditionals for making a write-only library.
Added PNG_NO_WRITE_INTERLACING_SUPPORTED conditional.
Optimized alpha-inversion loops in pngwtran.c
Moved test for nonzero gamma outside of png_build_gamma_table() in pngrtran.c
Make sure num_trans is <= 256 before copying data in png_set_tRNS().
Make sure num_palette is <= 256 before copying data in png_set_PLTE().
Interchanged order of write_swap_alpha and write_invert_alpha transforms.
Added parentheses in the definition of PNG_LIBPNG_BUILD_TYPE (Cosmin).
Exported png_get_uint_32, png_save_uint_32, png_get_uint_16, png_save_uint_16,
png_get_int_32, png_save_int_32, png_get_uint_31 (Cosmin).
Added parentheses in the definition of PNG_LIBPNG_BUILD_TYPE (Cosmin).
Added type cast (png_byte) in png_write_sCAL() (Cosmin).
Fixed scripts/makefile.cygwin (Cosmin).
Updated scripts/makefile.bc32 for Borland C++ 5.6 (Cosmin).
Updated scripts/pngos2.def, scripts/pngw32.def (Cosmin).
Updated references to png-mng-implement mailing list.
Revised man page and libpng.txt to make it clear that one should not call
png_read_end or png_write_end after png_read_png or png_write_png.
Optimized zlib window flag (CINFO) in contrib/pngsuite/*.png (Cosmin).
Check for png_rgb_to_gray and png_gray_to_rgb read transformations before
checking for png_read_dither in pngrtran.c
Revise checking of chromaticity limits to accommodate extended RGB
colorspace (John Denker).
Changed line endings in some of the project files to CRLF, even in the
"Unix" tar distributions (Cosmin).
Make png_get_int_32 and png_save_int_32 always available (Cosmin).
Updated scripts/pngos2.def, scripts/pngw32.def and projects/wince/png32ce.def
with the newly exported functions.
Eliminated distributions without the "configure" script.
Updated INSTALL instructions.
Make libpng.pc respect EXEC_PREFIX (D.P.Kreil)
Remove reference to pngasmrd.h from Makefile.am
Change definition of PKGCONFIG from $prefix/lib to $libdir in configure.ac
Removed newline from the end of some error and warning messages.
Removed test for sqrt() from configure.ac and configure.
Made swap tables in pngtrans.c PNG_CONST (Carlo Bramix).
Added "OS2" to list of systems that don't need underscores, in pnggccrd.c
Removed libpng version and date from *.c files.
Removed trailing blanks from source files.
Put version and date of latest change in each source file, and changed
copyright year accordingly.
Restored scripts/makefile.elf which was inadvertently deleted.
Removed libpng.vers and libpng.sym from libpng12_la_SOURCES in Makefile.am
Fixed inconsistent #ifdef's around png_sig_bytes() and png_set_sCAL_s()
in png.h.
Updated makefile.elf as suggested by debian.
Added LN_SF, MKDIR_P, and other macros to some of the makefiles.
Made some makefiles accept "exec_prefix".
Simplified some makefiles by using LIBSO, LIBSOMAJ, and LIBSOVER macros.
Fixed some "#ifdef defined (..." which should be "#ifdef defined(..."
Bug introduced in libpng-1.2.8.
Fixed inconsistency in definition of png_default_read_data()
Revised calculation of "current" and "major" for irix in ltmain.sh
Separated PNG_EXPAND and PNG_EXPAND_tRNS.
Added png_set_expand_gray_1_2_4_to_8() and deprecated
png_set_gray_1_2_4_to_8() which also expands tRNS to alpha.
Include "config.h" in pngconf.h when available.
Added some checks for NULL png_ptr or NULL info_ptr (Coverity)
Made pnggccrd.c PIC-compliant (Christian Aichinger).
Added makefile.mingw (Wolfgang Glas)
Revised pngconf.h MMX checking.
Defined PNG_USER_PRIVATEBUILD when including "pngusr.h" (Cosmin).
Removed nonsensical assertion check from pngtest.c (Cosmin).
Revised makefile.beos and added "none" selector in ltmain.sh
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
Changes since the last public release (1.2.7):
Fixed bug in png_text_compress() that would fail to complete a large block.
Fixed bug, introduced in libpng-1.2.7, that overruns a buffer during
strip alpha operation in png_do_strip_filler().
Added PNG_1_2_X definition in pngconf.h
#ifdef out png_info_init in png.c and png_read_init in pngread.c (as of 1.3.0)
Reduce color_type to a nonalpha type after strip alpha operation in
png_do_strip_filler().
Revised definitions of PNG_MAX_UINT_32, PNG_MAX_SIZE, and PNG_MAXSUM
Fixed (again) definition of PNG_LIBPNG_VER_DLLNUM in png.h (Cosmin).
Added PNG_LIBPNG_BUILD_PRIVATE in png.h (Cosmin).
Set png_ptr->zstream.data_type to Z_BINARY, to avoid unnecessary detection
of data type in deflate (Cosmin).
Deprecated but continue to support SPECIALBUILD and PRIVATEBUILD in favor of
PNG_LIBPNG_BUILD_SPECIAL_STRING and PNG_LIBPNG_BUILD_PRIVATE_STRING.
Despammed mailing addresses by masking "@" with "at".
Added scripts/makefile.elf with supporting code in pngconf.h for symbol
versioning (John Bowler).
Added projects/visualc71 (Simon-pierre).
* Removed unused pngasmrd.h file.
* Removed references to uu.net for archived files. Added references to
PNG Spec (second edition) and the PNG ISO/IEC Standard.
* Added "test-dd" target in 15 makefiles, to run pngtest in DESTDIR.
* Fixed bug with "optimized window size" in the IDAT datastream, that
causes libpng to write PNG files with incorrect zlib header bytes.
* Fixed bug with sCAL chunk and big-endian machines (David Munro).
* Undid new code added in 1.2.6rc2 to update the color_type in
png_set_filler().
* Added png_set_add_alpha() that updates color type.
* Revised png_set_strip_filler() to not remove alpha if color_type has alpha.
* Added makefile.hp64
* Changed projects/msvc/png32ms.def to scripts/png32ms.def in makefile.cygwin
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
because no ABI change or soname changes.
It is important to note that because of the fixed *_RECOMMENDED
mechanism, that 1.2.6rc2 will be the default version required.
security fixes)
changes:
version 1.2.6rc3 [August 9, 2004]
Eliminated use of "abs()" in testing cHRM and gAMA values, to avoid
trouble with some 64-bit compilers. Created PNG_OUT_OF_RANGE() macro.
Revised documentation of png_set_keep_unknown_chunks().
Check handle_as_unknown status in pngpread.c, as in pngread.c previously.
Moved "PNG_HANDLE_CHUNK_*" macros out of PNG_INTERNAL section of png.h
Added "rim" definitions for CONST4 and CONST6 in pnggccrd.c
version 1.2.6rc4 [August 10, 2004]
Fixed mistake in pngtest.c introduced in 1.2.6rc2 (declaration of
"pinfo" was out of place).
version 1.2.6rc5 [August 10, 2004]
Moved "PNG_HANDLE_CHUNK_*" macros out of PNG_ASSEMBLER_CODE_SUPPORTED
section of png.h where they were inadvertently placed in version rc3.
version 1.2.6rc6 [August 15, 2004]
Revised pngtest so memory allocation testing is only done when PNG_DEBUG==1.
changes:
version 1.2.6rc2 [August 8, 2004]
Revised makefile.darwin and makefile.solaris. Removed makefile.macosx.
Revised pngtest's png_debug_malloc() to use png_malloc() instead of
png_malloc_default() which is not supposed to be exported.
Fixed off-by-one error in one of the conversions to PNG_ROWBYTES() in
pngpread.c. Bug was introduced in 1.2.6rc1.
Fixed bug in RGB to RGBX transformation introduced in 1.2.6rc1.
Fixed old bug in RGB to Gray transformation.
Fixed problem with 64-bit compilers by casting arguments to abs()
to png_int_32.
Changed "ln -sf" to "ln -f -s" in three makefiles (solaris, sco, so9).
Changed "HANDLE_CHUNK_*" to "PNG_HANDLE_CHUNK_*" (Cosmin)
Added "-@/bin/rm -f $(DL)/$(LIBNAME).so.$(PNGMAJ)" to 15 *NIX makefiles.
Added code to update the row_info->colortype in png_do_read_filler() (MSB).
posted to png-implement by Glenn Randers-Pherson, libpng's maintainer.
This error was widely reported as "security issue",
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421
even though there is no security issue. The most the error could do is
SIGSEGV, and that only with some fairly uncommon circumstances. The patch
posted with the advisory is in fact flawed, in that it calls strlen() on
presumably arbitrary data.
Bump PKGREVISION.
by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
the normal case when BUILDLINK_DEPENDS.<pkg> isn't specified, it receives
a value only once due to the multiple inclusion protection in the
bulldlink3.mk files. In the case where a package includes several
buildlink3.mk files that each want a slightly different version of another
dependency, having BUILDLINK_DEPENDS.<pkg> be a list allows for the
strictest <pkg> dependency to be matched.
images (and bump package to 1.2.5nb2). The following is taken directly
from the png-implement mailing list...
Date: Fri, 20 Dec 2002 11:26:31 -0500
From: Glenn Randers-Pehrson <glennrp@comcast.net>
Reply-To: png-implement@ccrc.wustl.edu
To: png-implement@ccrc.wustl.edu
Subject: Re: [png-implement] bug in png_read_filler() with 16-bit samples
At 01:01 AM 12/5/02 -0500, Glenn Randers-Pehrson wrote:
>A bug has turned up in png_read_filler() with 16-bit samples.
>The starting offsets for the loops are calculated incorrectly
>which causes a buffer overrun beyond the beginning of the row
>buffer.
>
>To fix, at lines 1968 and 1990,
>change "row_width * 3" to "row_width * 6"
>and at lines 1969 and 1991,
>change "row_width;" to "row_width * 2;"
This is only half of the story. Adding an alpha channel to
16-bit *grayscale* images with png_do_read_filler() exhibits
the same bug, and pngcrush crashes if I try to do it.
To fix, at lines 1892, 1893, 1910, and 1911 of pngrtran.c
change "row_width" to "row_width * 2"
Note that applications that do not add an alpha channel via
png_set_filler(), and any applications that do, but reduce 16-bit
samples to 8 bit via png_set_strip_16() are invulnerable to
the bug. Pngcrush is the only application that I know of
that uses png_set_filler() without also using png_set_strip_16().
Glenn
--
Send the message body "help" to png-implement-request@ccrc.wustl.edu
reported to the png-implement mailing list by Glenn Randers-Pehrson:
ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212
[Glenn Randers-Pehrson is the original author and chief maintainer of
libpng.]
From the discussion in the archive, it appears to be unlikely that the
bug could be exploited by a malicious web-server, chiefly because the
operation that triggers it is more likely to be carried out by an image
manipulation program (i.e. pngcrush), than by a web browser.
* Changed png_error() to png_warning() about
"Too much data" in pngpread.c and about
"Extra compressed data" in pngrutil.c.
* Prevent png_ptr->pass from exceeding 7 in
png_push_finish_row().
* Updated png.c and pnggccrd.c handling of return from
png_mmx_support() [Doesn't apply to the package.]
* Only issue png_warning() about "Too much data" in
pngpread.c when avail_in is nonzero.
* Relocated two misplaced PNGAPI lines in pngtest.c
Update submitted by Stefan Krüger in PR/18926.
buildlink2.mk files back into the main trunk. This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
and png_set_text_2(), call for a minor version bump in the shared library.
Update "BUILDLINK_DEPENDS" to current level. Also make the shared library
versions visible in the top-level "Makefile", and add a top-level "test"
target to invoke "pngtest" in ${WRKSRC}.
The following is culled from the extensive "CHANGES" file, ommitting
all make system and doc changes, and some bug fixes for bugs that weren't
present in 1.2.1. See "CHANGES" for complete details:
Added setjmp() at the end of png_create_*_struct_2() in case user forgets
to put one in their application.
Exported png_zalloc(), png_zfree(), png_default_read(), png_default_write(),
png_default_flush(), and png_push_fill_buffer() and included them in
module definition files.
Revised prototype for png_default_flush()
Typos in *.def files (png_default_read|write -> png_default_read|write_data)
Once more restored png_zalloc and png_zfree to regular nonexported form.
Restored png_default_read|write_data, png_default_flush, png_read_fill_buffer
to nonexported form, but with PNGAPI, and removed them from module def files.
Removed "PNGAPI" from png_zalloc() and png_zfree() in png.c
Plugged various memory leaks; added png_malloc_warn() and png_set_text_2()
functions.
Plugged memory leak of png_ptr->current_text (Matt Holgate).
Check for buffer overflow before reading CRC in pngpread.c (Warwick Allison)
Plugged memory leak of row_buf in pngtest.c when there is a png_error().
Detect buffer overflow in pngpread.c when IDAT is corrupted with extra data.
Changed png_warning() to png_error() when width is too large to process.