Path to this page:
Subject: CVS commit: pkgsrc/graphics/png
From: Thomas Klausner
Date: 2011-06-08 08:58:59
Message id: 20110608065900.63718175DD@cvs.netbsd.org
Log Message:
Update to 1.5.3rc02 for a security fix.
Version 1.5.3beta07 [May 11, 2011]
Added expand_16 support to the high level interface.
Added named value and 'flag' gamma support to png_set_gamma. Made a minor
change from the previous (unreleased) ABI/API to hide the exact value used
for Macs - it's not a good idea to embed this in the ABI!
Moved macro definitions for PNG_HAVE_IHDR, PNG_HAVE_PLTE, and PNG_AFTER_IDAT
from pngpriv.h to png.h because they must be visible to applications
that call png_set_unknown_chunks().
Check for up->location !PNG_AFTER_IDAT when writing unknown chunks
before IDAT.
Version 1.5.3beta08 [May 16, 2011]
Improved "pngvalid --speed" to exclude more of pngvalid from the time.
Documented png_set_alpha_mode(), other changes in libpng.3/libpng-manual.txt
The cHRM chunk now sets the defaults for png_set_rgb_to_gray() (when negative
parameters are supplied by the caller), while in the absence of cHRM
sRGB/Rec 709 values are still used.
The bKGD chunk no longer overwrites the background value set by
png_set_background(), allowing the latter to be used before the file
header is read. It never performed any useful function to override
the default anyway.
Added memory overwrite and palette image checks to pngvalid.c
Previously palette image code was poorly checked. Since the transformation
code has a special palette path in most cases this was a severe weakness.
Minor cleanup and some extra checking in pngrutil.c and pngrtran.c. When
expanding an indexed image, always expand to RGBA if transparency is
present.
Version 1.5.3beta09 [May 17, 2011]
Reversed earlier 1.5.3 change of transformation order; move png_expand_16
back where it was. The change doesn't work because it requires 16-bit
gamma tables when the code only generates 8-bit ones. This fails
silently; the libpng code just doesn't do any gamma correction. Moving
the tests back leaves the old, inaccurate, 8-bit gamma calculations, but
these are clearly better than none!
Version 1.5.3beta10 [May 20, 2011]
png_set_background() and png_expand_16() did not work together correctly.
This problem is present in 1.5.2; if png_set_background is called with
need_expand false and the matching 16 bit color libpng erroneously just
treats it as an 8-bit color because of where png_do_expand_16 is in the
transform list. This simple fix reduces the supplied colour to 8-bits,
so it gets smashed, but this is better than the current behavior.
Added tests for expand16, more fixes for palette image tests to pngvalid.
Corrects the code for palette image tests and disables attempts to
validate palette colors.
Version 1.5.3rc01 [June 3, 2011]
No changes.
Version 1.5.3rc02 [June 7, 2011]
Fixed 1-byte uninitialized memory reference in png_format_buffer() (Bug
report by Frank Busse, related to CVE-2004-0421).
Files: