./graphics/png, Library for manipulating PNG images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.6.10, Package name: png-1.6.10, Maintainer: wiz

Libpng was written as a companion to the PNG specification, as a
way to reduce the amount of time and effort it takes to support
the PNG file format in application programs. Most users will not
have to modify the library significantly; advanced users may want
to modify it more. The library was coded for both users. All
attempts were made to make it as complete as possible, while
keeping the code easy to understand. Currently, this library
only supports C. Support for other languages is being considered.


Master sites: (Expand)

SHA1: adb44c93795446eaa4170bf9305b6f771eb368bc
RMD160: 5c72bb73a2f595ad77870dc5f5e814041f8f2681
Filesize: 877.395 KB

Version history: (Expand)


CVS history: (Expand)


   2014-03-12 10:17:52 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.10:

Version 1.6.10rc02 [February 28, 2014]
  Removed unreachable return statement after png_chunk_error()
    in pngrutil.c

Version 1.6.10rc03 [March 4, 2014]
  Un-deprecated png_data_freer().

Version 1.6.10 [March 6, 2014]
   2014-02-27 16:07:09 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.10rc01:
This fixes CERT VU#684412 and CVE-2014-0333.

Version 1.6.10beta01 [February 9, 2014]
  Backported changes from libpng-1.7.0beta30 and beta31:
  Fixed a large number of instances where PNGCBAPI was omitted from
    function definitions.
  Added pngimage test program for png_read_png() and png_write_png()
    with two new test scripts.
  Removed dependence on !PNG_READ_EXPAND_SUPPORTED for calling
    png_set_packing() in png_read_png().
  Fixed combination of ~alpha with shift. On read invert alpha, processing
    occurred after shift processing, which causes the final values to be
    outside the range that should be produced by the shift. Reversing the
    order on read makes the two transforms work together correctly and mirrors
    the order used on write.
  Do not read invalid sBIT chunks. Previously libpng only checked sBIT
    values on write, so a malicious PNG writer could therefore cause
    the read code to return an invalid sBIT chunk, which might lead to
    application errors or crashes.  Such chunks are now skipped (with
    chunk_benign_error).
  Make png_read_png() and png_write_png() prototypes in png.h depend
    upon PNG_READ_SUPPORTED and PNG_WRITE_SUPPORTED.
  Support builds with unsupported PNG_TRANSFORM_* values.  All of the
    PNG_TRANSFORM_* values are always defined in png.h and, because they
    are used for both read and write in some cases, it is not reliable
    to #if out ones that are totally unsupported. This change adds error
    detection in png_read_image() and png_write_image() to do a
    png_app_error() if the app requests something that cannot be done
    and it adds corresponding code to pngimage.c to handle such options
    by not attempting to test them.

Version 1.6.10beta02 [February 23, 2014]
  Moved redefines of png_error(), png_warning(), png_chunk_error(),
    and png_chunk_warning() from pngpriv.h to png.h to make them visible
    to libpng-calling applications.
  Moved OS dependent code from arm/arm_init.c, to allow the included
    implementation of the ARM NEON discovery function to be set at
    build-time and provide sample implementations from the current code in the
    contrib/arm-neon subdirectory. The __linux__ code has also been changed to
    compile and link on Android by using /proc/cpuinfo, and the old linux code
    is in contrib/arm-neon/linux-auxv.c.  The new code avoids POSIX and Linux
    dependencies apart from opening /proc/cpuinfo and is C90 compliant.
  Check for info_ptr == NULL early in png_read_end() so we don't need to
    run all the png_handle_*() and depend on them to return if info_ptr == NULL.
    This improves the performance of png_read_end(png_ptr, NULL) and makes
    it more robust against future programming errors.
  Check for __has_extension before using it in pngconf.h, to
    support older Clang versions (Jeremy Sequoia).
  Treat CRC error handling with png_set_crc_action(), instead of with
    png_set_benign_errors(), which has been the case since libpng-1.6.0beta18.
  Use a user warning handler in contrib/gregbook/readpng2.c instead of default,
    so warnings will be put on stderr even if libpng has CONSOLE_IO disabled.
  Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
    after recognizing the IDAT chunk, which avoids an infinite loop while
    reading a datastream whose first IDAT chunk is of zero-length.
    This fixes CERT VU#684412 and CVE-2014-0333.
  Don't recognize known sRGB profiles as sRGB if they have been hacked,
    but don't reject them and don't issue a copyright violation warning.

Version 1.6.10beta03 [February 25, 2014]
  Moved some documentation from png.h to libpng.3 and libpng-manual.txt
  Minor editing of contrib/arm-neon/README and contrib/examples/*.c

Version 1.6.10rc01 [February 27, 2014]
  Fixed typos in the manual and in scripts/pnglibconf.dfa (CFLAGS -> CPPFLAGS
    and PNG_USR_CONFIG -> PNG_USER_CONFIG).
   2014-02-06 19:24:11 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
Update to 1.6.9, getting rid of the final two patches after discussion
with very helpful upstream.

Changes:

Version 1.6.9beta01 [December 26, 2013]
  Bookkeeping: Moved functions around (no changes). Moved transform
    function definitions before the place where they are called so that
    they can be masde static. Move the intrapixel functions and the
    grayscale palette builder out of the png?tran.c files. The latter
    isn't a transform function and is no longer used internally, and the
    former MNG specific functions are better placed in pngread/pngwrite.c
  Made transform implementation functions static. This makes the internal
    functions called by png_do_{read|write}_transformations static. On an
    x86-64 DLL build (Gentoo Linux) this reduces the size of the text
    segment of the DLL by 1208 bytes, about 0.6%. It also simplifies
    maintenance by removing the declarations from pngpriv.h and allowing
    easier changes to the internal interfaces.
  Rebuilt configure scripts with automake-1.14.1 and autoconf-2.69
    in the tar distributions.

Version 1.6.9beta02 [January 1, 2014]
  Added checks for libpng 1.5 to pngvalid.c.  This supports the use of
    this version of pngvalid in libpng 1.5
  Merged with pngvalid.c from libpng-1.7 changes to create a single
    pngvalid.c
  Removed #error macro from contrib/tools/pngfix.c (Thomas Klausner).
  Merged pngrio.c, pngtrans.c, pngwio.c, and pngerror.c with libpng-1.7.0
  Merged libpng-1.7.0 changes to make no-interlace configurations work
    with test programs.
  Revised pngvalid.c to support libpng 1.5, which does not support the
    PNG_MAXIMUM_INFLATE_WINDOW option, so #define it out when appropriate in
    pngvalid.c
  Allow unversioned links created on install to be disabled in configure.
    In configure builds 'make install' changes/adds links like png.h
    and libpng.a to point to the newly installed, versioned, files (e.g.
    libpng17/png.h and libpng17.a). Three new configure options and some
    rearrangement of Makefile.am allow creation of these links to be disabled.

Version 1.6.9beta03 [January 10, 2014]
  Removed potentially misleading warning from png_check_IHDR().

Version 1.6.9beta04 [January 20, 2014]
  Updated scripts/makefile.* to use CPPFLAGS (Cosmin).
  Added clang attribute support (Cosmin).

Version 1.6.9rc01 [January 28, 2014]
  No changes.

Version 1.6.9rc02 [January 30, 2014]
  Quiet an uninitialized memory warning from VC2013 in png_get_png().

Version 1.6.9 [February 6, 2014]
   2013-12-31 18:27:48 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.8:

Version 1.6.8beta01 [November 24, 2013]
  Moved prototype for png_handle_unknown() in pngpriv.h outside of
    the #ifdef PNG_SET_UNKNOWN_CHUNKS_SUPPORTED/#endif block.
  Added "-Wall" to CFLAGS in contrib/pngminim/*/makefile
  Conditionally compile some unused functions reported by -Wall in
    pngminim.
  Fixed 'minimal' builds. Various obviously useful minimal configurations
    don't build because of missing contrib/libtests test programs and
    overly complex dependencies in scripts/pnglibconf.dfa. This change
    adds contrib/conftest/*.dfa files that can be used in automatic build
    scripts to ensure that these configurations continue to build.
  Enabled WRITE_INVERT and WRITE_PACK in contrib/pngminim/encoder.
  Fixed pngvalid 'fail' function declaration on the Intel C Compiler.
    This reverts to the previous 'static' implementation and works round
    the 'unused static function' warning by using PNG_UNUSED().

Version 1.6.8beta02 [November 30, 2013]
  Removed or marked PNG_UNUSED some harmless "dead assignments" reported
    by clang scan-build.
  Changed tabs to 3 spaces in png_debug macros and changed '"%s"m'
    to '"%s" m' to improve portability among compilers.
  Changed png_free_default() to free() in pngtest.c

Version 1.6.8rc01 [December 12, 2013]
  Tidied up pngfix inits and fixed pngtest no-write builds.

Version 1.6.8rc02 [December 14, 2013]
  Handle zero-length PLTE chunk or NULL palette with png_error()
    instead of png_chunk_report(), which by default issues a warning
    rather than an error, leading to later reading from a NULL pointer
    (png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
    and VU#650142.

Version 1.6.8 [December 19, 2013]
   2013-12-26 16:59:20 by Matthias Scheler | Files touched by this commit (2)
Log message:
Fix build with SunStudio compiler under Solaris.
   2013-11-15 08:42:08 by Matthias Scheler | Files touched by this commit (1)
Log message:
Fix download URL on "ftp.fu-berlin.de".
   2013-11-15 00:09:45 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.7:

Version 1.6.7beta01 [September 30, 2013]
  Revised unknown chunk code to correct several bugs in the NO_SAVE_/NO_WRITE
    combination
  Allow HANDLE_AS_UNKNOWN to work when other options are configured off. Also
    fixed the pngminim makefiles to work when $(MAKEFLAGS) contains stuff
    which terminates the make options (as by default in recent versions of
    Gentoo).
  Avoid up-cast warnings in pngvalid.c. On ARM the alignment requirements of
    png_modifier are greater than that of png_store and as a consequence
    compilation of pngvalid.c results in a warning about increased alignment
    requirements because of the bare cast to (png_modifier*). The code is safe,
    because the pointer is known to point to a stack allocated png_modifier,
    but this change avoids the warning.
  Fixed default behavior of ARM_NEON_API. If the ARM NEON API option was
    compiled without the CHECK option it defaulted to on, not off.
  Check user callback behavior in pngunknown.c. Previous versions compiled
    if SAVE_UNKNOWN was not available but did nothing since the callback
    was never implemented.
  Merged pngunknown.c with 1.7 version and back ported 1.7 improvements/fixes

Version 1.6.7beta02 [October 12, 2013]
  Made changes for compatibility with automake 1.14:
    1) Added the 'compile' program to the list of programs that must be cleaned
       in autogen.sh
    2) Added 'subdir-objects' which causes .c files in sub-directories to be
       compiled such that the corresponding .o files are also in the
       sub-directory.  This is because automake 1.14 warns that the
       current behavior of compiling to the top level directory may be removed
       in the future.
    3) Updated dependencies on pnglibconf.h to match the new .o locations and
       added all the files in contrib/libtests and contrib/tools that depend
       on pnglibconf.h
    4) Added 'BUILD_SOURCES = pnglibconf.h'; this is the automake recommended
       way of handling the dependencies of sources that are machine generated;
       unfortunately it only works if the user does 'make all' or 'make check',
       so the dependencies (3) are still required.
  Cleaned up (char*) casts of zlib messages. The latest version of the Intel C
    compiler complains about casting a string literal as (char*), so copied the
    treatment of z_const from the library code into pngfix.c
  Simplified error message code in pngunknown. The simplification has the
    useful side effect of avoiding a bogus warning generated by the latest
    version of the Intel C compiler (it objects to
    condition ? string-literal : string-literal).
  Make autogen.sh work with automake 1.13 as well as 1.14. Do this by always
    removing the 1.14 'compile' script but never checking for it.

Version 1.6.7beta03 [October 19, 2013]
  Added ARMv8 support (James Yu <james.yu at linaro.org>).  Added file
    arm/filter_neon_intrinsics.c; enable with -mfpu=neon.
  Revised pngvalid to generate size images with as many filters as it can
    manage, limited by the number of rows.
  Cleaned up ARM NEON compilation handling. The tests are now in pngpriv.h
    and detect the broken GCC compilers.

Version 1.6.7beta04 [October 26, 2013]
  Allow clang derived from older GCC versions to use ARM intrinsics. This
    causes all clang builds that use -mfpu=neon to use the intrinsics code,
    not the assembler code.  This has only been tested on iOS 7. It may be
    necessary to exclude some earlier clang versions but this seems unlikely.
  Changed NEON implementation selection mechanism. This allows assembler
    or intrinsics to be turned on at compile time during the build by defining
    PNG_ARM_NEON_IMPLEMENTATION to the correct value (2 or 1).  This macro
    is undefined by default and the build type is selected in pngpriv.h.

Version 1.6.7rc01 [November 2, 2013]
  No changes.

Version 1.6.7rc02 [November 7, 2013]
  Fixed #include in filter_neon_intrinsics.c and ctype macros. The ctype char
    checking macros take an unsigned char argument, not a signed char.

Version 1.6.7 [November 14, 2013]
   2013-09-30 20:17:03 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.6.6:

Version 1.6.6 [September 16, 2013]
  Removed two stray lines of code from arm/arm_init.c, again.