Changelog for libpng15-15-1.5.13-3.48.x86_64.rpm
* Wed Oct 24 2012 jengelhAATTinai.de- Add missing baselib requires for compat-devel-32bit
* Thu Sep 27 2012 pgajdosAATTsuse.com- updated to 1.5.13: Do not compile PNG_DEPRECATED, PNG_ALLOC and PNG_PRIVATE when __GNUC__ < 3. Removed references to png_zalloc() and png_zfree() from the manual. Revised PNG_FP_EXPORT and PNG_FIXED_EXPORT macros to avoid generating lone semicolons (patch ported from libpng-1.6.0beta11). Corrected handling of the image array and the row_pointers array in example. When png_set_filler is used to strip a filler channel during write, the code prior to 1.5 would ignore the case where the output required an alpha channel or when the output was a palettized PNG. In libpng-1.5 the ignorance was lost and libpng proceeded to strip the channel resulting in a bad (potential memory overwrite) failure later. This reverts the behavior to the pre-1.5 state but issues a warning. libpng-1.6 is expected to issue an error on the erroneous png_set_filler call. Use png_memset() consistently (pngmem.c contained some bare \"memset\" calls).
* Wed Jul 11 2012 pgajdosAATTsuse.com- updated to 1.5.12: Changed \"a+w\" to \"u+w\" in Makefile.in to fix CVE-2012-3386.
* Fri Jun 15 2012 pgajdosAATTsuse.com- updated to 1.5.11: Enable png_set_check_for_invalid_index() for both read and write. Made fixes for new optimization warnings from gcc 4.7.0. The compiler performed an optimization which is safe but then warned about it. Changing the type of \'palette_number\' in pngvalid.c removes the warning. Improved efficiency of new do_check_palette_indexes() function. Don\'t check palette indexes if num_palette is 0 (as it can be in MNG files). Added two images to contrib/pngsuite (1-bit and 2-bit transparent grayscale), and renamed three whose names were inconsistent with those in pngsuite/README.txt.
* Thu Mar 29 2012 pgajdosAATTsuse.com- updated to 1.5.10: Removed two useless #ifdef directives from pngread.c and one from pngrutil.c Always put the CMAKE_LIBRARY in \"lib\" (removed special WIN32 case). Removed empty vstudio/pngstest directory (Clifford Yapp). Eliminated redundant png_push_read_tEXt|zTXt|iTXt|unknown code from pngpread.c and use the sequential png_handle_tEXt, etc., in pngrutil.c; now that png_ptr->buffer is inaccessible to applications, the special handling is no longer useful. Fixed bug with png_handle_hIST with odd chunk length (Frank Busse). Added PNG_SAFE_LIMITS feature to pnglibconf.dfa and code in pngconf.h to reset the user limits to safe ones if PNG_SAFE_LIMITS is defined. To enable, use \"CPPFLAGS=-DPNG_SAFE_LIMITS_SUPPORTED\" on the configure command or put \"#define PNG_SAFE_LIMITS_SUPPORTED\" in pnglibconf.h. Revised the SAFE_LIMITS feature to be the same as the feature in libpng16. Added information about the new limits in the manual. Updated Makefile.in Removed unused \"current_text\" members of png_struct and the png_free() of png_ptr->current_text from pngread.c Fixed PNG_LIBPNG_BUILD_BASE_TYPE definition. Fixed CMF optimization of non-IDAT compressed chunks, which was added at libpng-1.5.4. It sometimes produced too small of a window. Reject all iCCP chunks after the first, even if the first one is invalid. Added palette-index checking. Issue a png_benign_error() if an invalid index is found. Revised example.c to put text strings in a temporary character array instead of directly assigning string constants to png_textp members. This avoids compiler warnings when -Wwrite-strings is enabled. Prevent PNG_EXPAND+PNG_SHIFT doing the shift twice. Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048).
* Mon Feb 20 2012 pgajdosAATTsuse.com- updated to 1.5.9:
* fixed CVE-2011-3026 [bnc#747311]
* Thu Feb 02 2012 pgajdosAATTsuse.com- updated to 1.5.8: Fixed one-byte (stack) buffer-overrun bug in png_formatted_warning() (CVE-2011-3464)
* Mon Dec 19 2011 pgajdosAATTsuse.com- updated to 1.5.7: Added support for ARM processor (Mans Rullgard) Fixed bug in pngvalid on early allocation failure; fixed type cast in pngmem.c; pngvalid would attempt to call png_error() if the allocation of a png_struct or png_info failed. This would probably have led to a crash. The pngmem.c implementation of png_malloc() included a cast to png_size_t which would fail on large allocations on 16-bit systems. Fix for the preprocessor of the Intel C compiler. The preprocessor splits adjacent AATT signs with a space; this changes the concatentation token from AATT-AATT-AATT to PNG_JOIN; that should work with all compiler preprocessors. Paeth filter speed improvements from work by Siarhei Siamashka. This changes the \'Paeth\' reconstruction function to improve the GCC code generation on x86. The changes are only part of the suggested ones; just the changes that definitely improve speed and remain simple. The changes also slightly increase the clarity of the code. Check compression_type parameter in png_get_iCCP and remove spurious casts. The compression_type parameter is always assigned to, so must be non-NULL. The cast of the profile length potentially truncated the value unnecessarily on a 16-bit int system, so the cast of the (byte) compression type to (int) is specified by ANSI-C anyway. Fixed FP division by zero in pngvalid.c; the \'test_pixel\' code left the sBIT fields in the test pixel as 0, which resulted in a floating point division by zero which was irrelevant but causes systems where FP exceptions cause a crash. Added code to pngvalid to turn on FP exceptions if the appropriate glibc support is there to ensure this is tested in the future. Updated scripts/pnglibconf.mak and scripts/makefile.std to handle the new PNG_JOIN macro. Added versioning to pnglibconf.h comments. Simplified read/write API initial version; basic read/write tested on a variety of images, limited documentation (in the header file.) Installed more accurate linear to sRGB conversion tables. The slightly modified tables reduce the number of 16-bit values that convert to an off-by-one 8-bit value. The \"makesRGB.c\" code that was used to generate the tables is now in a contrib/sRGBtables sub-directory. etc. see CHANGES
* Thu Dec 01 2011 idoenmezAATTsuse.de- Name field shouldn\'t contain a macro
* Thu Dec 01 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency