./graphics/png, Library for manipulating PNG images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.6.34, Package name: png-1.6.34, Maintainer: wiz

Libpng was written as a companion to the PNG specification, as a
way to reduce the amount of time and effort it takes to support
the PNG file format in application programs. Most users will not
have to modify the library significantly; advanced users may want
to modify it more. The library was coded for both users. All
attempts were made to make it as complete as possible, while
keeping the code easy to understand. Currently, this library
only supports C. Support for other languages is being considered.


Required to build:
[pkgtools/cwrappers]

Master sites: (Expand)

SHA1: 45de4ec996ffcc3e18037e7c128abe95f4d0292a
RMD160: cc14798ac8ab2a69f2ca6153c3b52452a972b9ae
Filesize: 974.578 KB

Version history: (Expand)


CVS history: (Expand)


   2017-10-02 11:24:30 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
png: update to 1.6.34.

Version 1.6.33beta01 [August 28, 2017]
  Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added missing
    parenthesis in contrib/pngminus/pnm2png.c (bug report by Christian Hesse).
  Fixed off-by-one error in png_do_check_palette_indexes() (Bug report
    by Mick P., Source Forge Issue #269).

Version 1.6.33beta02 [September 3, 2017]
  Initialize png_handler.row_ptr in contrib/oss-fuzz/libpng_read_fuzzer.cc
    to fix shortlived oss-fuzz issue 3234.
  Compute a larger limit on IDAT because some applications write a deflate
    buffer for each row (Bug report by Andrew Church).
  Use current date (DATE) instead of release-date (RDATE) in last
    changed date of contrib/oss-fuzz files.
  Enabled ARM support in CMakeLists.txt (Bernd Kuhls).

Version 1.6.33beta03 [September 14, 2017]
  Fixed incorrect typecast of some arguments to png_malloc() and
    png_calloc() that were png_uint_32 instead of png_alloc_size_t
    (Bug report by "irwir" in Github libpng issue #175).
  Use pnglibconf.h.prebuilt when building for ANDROID with cmake (Github
    issue 162, by rcdailey).

Version 1.6.33rc01 [September 20, 2017]
  Initialize memory allocated by png_inflate to zero, using memset, to
    stop an oss-fuzz "use of uninitialized value" detection in \ 
png_set_text_2()
    due to truncated iTXt or zTXt chunk.
  Initialize memory allocated by png_read_buffer to zero, using memset, to
    stop an oss-fuzz "use of uninitialized value" detection in
    png_icc_check_tag_table() due to truncated iCCP chunk.
  Removed a redundant test (suggested by "irwir" in Github issue #180).

Version 1.6.33rc02 [September 23, 2017]
  Added an interlaced version of each file in contrib/pngsuite.
  Relocate new memset() call in pngrutil.c.
  Removed more redundant tests (suggested by "irwir" in Github issue #180).
  Add support for loading images with associated alpha in the Simplified
    API (Samuel Williams).

Version 1.6.33 [September 28, 2017]
  Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32 state.
  Initialize png_handler.row_ptr in contrib/oss-fuzz/libpng_read_fuzzer.cc
  Add end_info structure and png_read_end() to the libpng fuzzer.

Version 1.6.34 [September 29, 2017]
  Removed contrib/pngsuite/i*.png; some of these were incorrect and caused
    test failures.
   2017-08-26 07:50:01 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.32.

Version 1.6.32beta01 [July 31, 2017]
  Avoid possible NULL dereference in png_handle_eXIf when benign_errors
    are allowed. Avoid leaking the input buffer "eXIf_buf".
  Eliminated png_ptr->num_exif member from pngstruct.h and added num_exif
    to arguments for png_get_eXIf() and png_set_eXIf().
  Added calls to png_handle_eXIf(() in pngread.c and png_write_eXIf() in
    pngwrite.c, and made various other fixes to png_write_eXIf().
  Changed name of png_get_eXIF and png_set_eXIf() to png_get_eXIf_1() and
    png_set_eXIf_1(), respectively, to avoid breaking API compatibility
    with libpng-1.6.31.

Version 1.6.32beta02 [August 1, 2017]
  Updated contrib/libtests/pngunknown.c with eXIf chunk.

Version 1.6.32beta03 [August 2, 2017]
  Initialized btoa[] in pngstest.c
  Stop memory leak when returning from png_handle_eXIf() with an error
    (Bug report from the OSS-fuzz project).

Version 1.6.32beta04 [August 2, 2017]
  Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
  Update libpng.3 and libpng-manual.txt about eXIf functions.

Version 1.6.32beta05 [August 2, 2017]
  Restored png_get_eXIf() and png_set_eXIf() to maintain API compatability.

Version 1.6.32beta06 [August 2, 2017]
  Removed png_get_eXIf_1() and png_set_eXIf_1().

Version 1.6.32beta07 [August 3, 2017]
  Check length of all chunks except IDAT against user limit to fix an
    OSS-fuzz issue.

Version 1.6.32beta08 [August 3, 2017]
  Check length of IDAT against maximum possible IDAT size, accounting
    for height, rowbytes, interlacing and zlib/deflate overhead.
  Restored png_get_eXIf_1() and png_set_eXIf_1(), because strlen(eXIf_buf)
    does not work (the eXIf chunk data can contain zeroes).

Version 1.6.32beta09 [August 3, 2017]
  Require cmake-2.8.8 in CMakeLists.txt. Revised symlink creation,
    no longer using deprecated cmake LOCATION feature (Clifford Yapp).
  Fixed five-byte error in the calculation of IDAT maximum possible size.

Version 1.6.32beta10 [August 5, 2017]
  Moved chunk-length check into a png_check_chunk_length() private
    function (Suggested by Max Stepin).
  Moved bad pngs from tests to contrib/libtests/crashers
  Moved testing of bad pngs into a separate tests/pngtest-badpngs script
  Added the --xfail (expected FAIL) option to pngtest.c. It writes XFAIL
    in the output but PASS for the libpng test.
  Require cmake-3.0.2 in CMakeLists.txt (Clifford Yapp).
  Fix "const" declaration info_ptr argument to png_get_eXIf_1() and the
    num_exif argument to png_get_eXIf_1() (Github Issue 171).

Version 1.6.32beta11 [August 7, 2017]
  Added "eXIf" to "chunks_to_ignore[]" in \ 
png_set_keep_unknown_chunks().
  Added huge_IDAT.png and empty_ancillary_chunks.png to testpngs/crashers.
  Make pngtest --strict, --relax, --xfail options imply -m (multiple).
  Removed unused chunk_name parameter from png_check_chunk_length().
  Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak.
  Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
  Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix OSS-fuzz UMR.
  Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
  Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(), to account
    for the minimum 'deflate' stream, and relocate the test to a point
    after the keyword has been read.
  Check that the eXIf chunk has at least 2 bytes and begins with "II" \ 
or "MM".

Version 1.6.32rc01 [August 18, 2017]
  Added a set of "huge_xxxx_chunk.png" files to contrib/testpngs/crashers,
    one for each known chunk type, with length = 2GB-1.
  Check for 0 return from png_get_rowbytes() and added some (size_t) typecasts
    in contrib/pngminus/*.c to stop some Coverity issues (162705, 162706,
    and 162707).
  Renamed chunks in contrib/testpngs/crashers to avoid having files whose
    names differ only in case; this causes problems with some platforms
    (github issue #172).

Version 1.6.32rc02 [August 22, 2017]
  Added contrib/oss-fuzz directory which contains files used by the oss-fuzz
    project (https://github.com/google/oss-fuzz/tree … cts/libpng).

Version 1.6.32 [August 24, 2017]
  No changes.
   2017-07-28 00:07:07 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.31.

Changes since the last public release (1.6.30):

  Guard the definition of _POSIX_SOURCE in pngpriv.h (AIX already defines it;
    bug report by Michael Felt).
  Revised pngpriv.h to work around failure to compile arm/filter_neon.S
    ("typedef" directive is unrecognized by the assembler). The problem
    was introduced in libpng-1.6.30beta01.
  Added "Requires: zlib" to libpng.pc.in (Pieter Neerincx).
  Added special case for FreeBSD in arm/filter_neon.S (Maya Rashish).
  Added instructions for disabling hardware optimizations in INSTALL.
  Added "--enable-hardware-optimizations" configuration flag to enable
    or disable all hardware optimizations with one flag.
  Updated CMakeLists.txt to add INTEL_SSE and MIPS_MSA platforms.
  Changed "int" to "png_size_t" in intel/filter_sse2.c to prevent
    possible integer overflow (Bug report by John Bowler).
  Quieted "declaration after statement" warnings in intel/filter_sse2.c.
  Added scripts/makefile-linux-opt, which has hardware optimizations enabled.
  Removed one of the GCC-7.1.0 'strict-overflow' warnings that result when
    integers appear on both sides of a compare.  Worked around the others by
    forcing the strict-overflow setting in the relevant functions to a level
    where they are not reported (John Bowler).
  Changed "FALL THROUGH" comments to "FALLTHROUGH" because \ 
GCC doesn't like
    the space.
  Worked around some C-style casts from (void*) because g++ 5.4.0 objects
    to them.
  Increased the buffer size for 'sprint' to pass the gcc 7.1.0 'sprint
    overflow' check that is on by default with -Wall -Wextra.
  Added eXIf chunk support.
  Added a minimal eXIf chunk (with Orientation and FocalLengthIn35mmFilm
    tags) to pngtest.png.
   2017-07-05 06:59:16 by Maya Rashish | Files touched by this commit (2)
Log message:
png: don't typedef things when included by assembler code.
the current change is somewhat overkill and excludes some extra function
declarations, but there's only one assembler file for which it applies and
it was tested to build.

Fixes compilation on ARM reported by John Klos in PR pkg/52367
   2017-07-03 13:07:00 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.30.

Changes since the last public release (1.6.29):

  Added missing "$(CPPFLAGS)" to the compile line for c.pic.o in
    makefile.linux and makefile.solaris-x86 (Cosmin).
  Revised documentation of png_get_error_ptr() in the libpng manual.
  Silence clang -Wcomma and const drop warnings (Viktor Szakats).
  Update Sourceforge URLs in documentation (https instead of http).
  Document need to check for integer overflow when allocating a pixel
    buffer for multiple rows in contrib/gregbook, contrib/pngminus,
    example.c, and in the manual (suggested by Jaeseung Choi). This
    is similar to the bug reported against pngquant in CVE-2016-5735.
  Removed reference to the obsolete PNG_SAFE_LIMITS macro in the documentation.
  Check for integer overflow in contrib/visupng and contrib/tools/genpng.
  Do not double evaluate CMAKE_SYSTEM_PROCESSOR in CMakeLists.txt.
  Test CMAKE_HOST_WIN32 instead of WIN32 in CMakeLists.txt.
  Fix some URL in documentation.
  Avoid writing an empty IDAT when the last IDAT exactly fills the
    compression buffer (bug report by Brian Baird).  This bug was
    introduced in libpng-1.6.0.
  Update copyright year in pnglibconf.h, make ltmain.sh executable.
  Add a reference to the libpng.download site in README.
   2017-04-24 09:18:59 by Thomas Klausner | Files touched by this commit (1)
Log message:
Add new main master site.
   2017-03-16 16:15:42 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated png to 1.6.29.

Version 1.6.29beta01 [January 12, 2017]
  Readded "include(GNUInstallDirs)" to CMakeLists.txt (Gianfranco \ 
Costamagna).
  Moved SSE2 optimization code into the main libpng source directory.
    Configure libpng with "configure --enable-intel-sse" or compile
    libpng with "-DPNG_INTEL_SSE" in CPPFLAGS to enable it.
  Simplified conditional compilation in pngvalid.c, for AIX (Michael Felt).

Version 1.6.29beta02 [February 22, 2017]
  Avoid conditional directives that break statements in pngrutil.c (Romero
    Malaquias)
  The contrib/examples/pngtopng.c recovery code was in the wrong "if"
    branches; the comments were correct.
  Added code for PowerPC VSX optimisation (Vadim Barkov).

Version 1.6.29beta03 [March 1, 2017]
  Avoid potential overflow of shift operations in png_do_expand() (Aaron Boxer).
  Change test ZLIB_VERNUM >= 0x1281 to ZLIB_VERNUM >= 0x1290 in pngrutil.c
    because Solaris 11 distributes zlib-1.2.8.f that is older than 1.2.8.1.
  Suppress clang warnings about implicit sign changes in png.c

Version 1.6.29 [March 16, 2017]
  No changes.
   2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352)
Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.