Subject: CVS commit: pkgsrc/graphics/pngcheck
From: Frederic Cambus
Date: 2022-12-14 15:33:24
Message id: 20221214143324.56879FA90@cvs.NetBSD.org
Log Message:
pngcheck: update to 3.0.3.

 * ChangeLog (oldest first):

 * 20070709 GRR: tweaked color definitions slightly to work better on terminals
 *               with white/light backgrounds
 * 20070712 GRR: added Makefile.mingw32
 * 20100504 GRR: fixed DHDR (pre-MNG-1.0) bug identified by Winfried \ 
<szukw000@arcor.de>
 * 20170713 GRP: added eXIf support (GRR: added check for II/MM/unknown format)
 * 20201012 BB:  converted static const help/usage-related strings to macros so
 *               -Werror=format-security doesn't trigger (Ben Beasley)
 * 20201015 BB:  added (help2man-generated) man pages for all three utils
 * 20201017 GRR: added top-level LICENSE file; fixed various compiler warnings
 * 20201031 GRR: replaced gpl/COPYING (outdated address, references to Library
 *               GPL) with https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
 *               (thanks to Ben Beasley for catching that)
 * 20201031 GRR: released version 2.4.0
 *               ----------------------
 * 20201113 BB:  fixed buffer-overflow vulnerability discovered by "giantbranch
 *               of NSFOCUS Security Team"
 *               https://bugzilla.redhat.com/show_bug.cgi?id=1897485
 * 20201128 BB:  found and fixed four additional vulnerabilities (null-pointer
 *               dereference and three buffer overruns)
 * 20201209 LP:  fixed an off-by-one bug in check_magic() (Lucy Phipps)
 * 20201209 LL:  converted two zlib-version warnings/errors to go to stderr
 *               (Lemures Lemniscati, actually from 20180318; forwarded by LP)
 * 20201210 BB:  fixed another buffer-overflow vulnerability discovered by
 *               "giantbranch of NSFOCUS Security Team"
 *               https://bugzilla.redhat.com/show_bug.cgi?id=1905775
 * 20201212 GRR: removed -f ("force") option due to multiple security \ 
issues
 * 20201212 GRR: released version 3.0.0
 *               ----------------------
 * 20201214 BB:  generalized previous sPLT buffer-overrun fix, and found and
 *               fixed a PPLT vulnerability
 * 20210124 GRR: released version 3.0.1
 *               ----------------------
 * 20201217 BB:  fixed a crash bug (and probable vulnerability) in large (MNG)
 *               LOOP chunks
 * 20210131 GRR: updated Makefile.mingw32 for modern versions and added
 *               Makefile.mingw64 (targets Win64); both are essentially
 *               UNTESTED, however!
 * 20210131 GRR: released version 3.0.2
 *               ----------------------
 * 20210416 BB:  fixed a divide-by-zero crash bug (and probable vulnerability)
 *               in interlaced images with extra compressed data beyond the
 *               nominal end of the image data (found by "chiba of topsec alpha
 *               lab")
 * 20210425 GRR: released version 3.0.3
 *               ----------------------
Files:
RevisionActionfile
1.5modifypkgsrc/graphics/pngcheck/Makefile
1.6modifypkgsrc/graphics/pngcheck/distinfo