Changelog for libpng12-0-1.2.57-lp152.4.5.x86_64.rpm :

* Wed Jan 31 2018 check with -j1, be explicit
* Tue Jan 30 2018 Fix SRPM group and grammar issues.
* Mon Jan 02 2017 updated to 1.2.57: fixes CVE-2016-10087
* Thu Dec 17 2015 updated to 1.2.56: Fixed an out-of-range read in png_check_keyword() (Bug report from Qixue Xiao, CVE-2015-8540). Added keyword checks to pngset.c
* Thu Dec 03 2015 updated to 1.2.55: Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(), png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr). Fixed incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 vulnerability.
* Fri Nov 13 2015 updated to 1.2.54
* Fri Aug 07 2015 build in build section
* Fri Feb 27 2015 updated to 1.2.53: Issue a png_error() instead of a png_warning() when width is potentially too large for the architecture, in case the calling application has overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and CVE-2015-0973). Display user limits in the output from pngtest. Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000. This can only be changed at library-build time. It only affects the maximum memory that can be allocated to an ancillary chunk; it does not limit the size of IDAT data, which is instead limited by PNG_USER_WIDTH_MAX.
* Mon Jan 19 2015 Fix CVE-2013-7354.patch, include limits.h for INT_MAX
* Thu Nov 20 2014 updated to 1.2.52:
* Avoid out-of-bounds memory access while checking version string.