Mailinglist Archive: opensuse-commit (1903 mails)

< Previous Next >
commit libpng16 for openSUSE:Factory
Hello community,

here is the log from the commit of package libpng16 for openSUSE:Factory
checked in at 2019-04-18 13:57:46
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libpng16 (Old)
and /work/SRC/openSUSE:Factory/.libpng16.new.5536 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libpng16"

Thu Apr 18 13:57:46 2019 rev:42 rq:694940 version:1.6.37

Changes:
--------
--- /work/SRC/openSUSE:Factory/libpng16/libpng16.changes 2019-02-04
21:24:21.295611170 +0100
+++ /work/SRC/openSUSE:Factory/.libpng16.new.5536/libpng16.changes
2019-04-18 13:58:13.627991261 +0200
@@ -1,0 +2,20 @@
+Wed Apr 17 06:29:11 UTC 2019 - pgajdos@xxxxxxxx
+
+- make check actually works under asan
+
+-------------------------------------------------------------------
+Mon Apr 15 15:02:33 UTC 2019 - pgajdos@xxxxxxxx
+
+- version update to 1.6.37
+ Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
+ Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
+ Fixed a memory leak in pngtest.c.
+ Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
+ contrib/pngminus; refactor.
+ Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
+ (Contributed by Willem van Schaik)
+ Added makefiles for AddressSanitizer-enabled builds.
+- deleted patches
+ - libpng-arm-free.patch (upstreamed)
+
+-------------------------------------------------------------------

Old:
----
libpng-1.6.36.tar.xz
libpng-arm-free.patch

New:
----
libpng-1.6.37.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libpng16.spec ++++++
--- /var/tmp/diff_new_pack.sRYUi0/_old 2019-04-18 13:58:14.291991482 +0200
+++ /var/tmp/diff_new_pack.sRYUi0/_new 2019-04-18 13:58:14.291991482 +0200
@@ -21,7 +21,7 @@

%define major 1
%define minor 6
-%define micro 36
+%define micro 37
%define branch %{major}%{minor}
%define libname libpng%{branch}-%{branch}
%define debug_package_requires %{libname} = %{version}-%{release}
@@ -32,7 +32,6 @@
License: Zlib
Group: Development/Libraries/C and C++
Url: http://www.libpng.org/pub/png/libpng.html
-Patch0: libpng-arm-free.patch
Source0:
http://prdownloads.sourceforge.net/libpng/libpng-%{version}.tar.xz
Source2: libpng16.keyring
Source3: rpm-macros.libpng-tools
@@ -98,7 +97,6 @@

%prep
%setup -q -n libpng-%{version}
-%patch0 -p1

%build
# PNG_SAFE_LIMITS_SUPPORTED:
http://www.openwall.com/lists/oss-security/2015/01/10/1
@@ -116,10 +114,6 @@
make %{?_smp_mflags}

%check
-%if %{asan_build}
-# ASAN needs /proc to be mounted
-exit 0
-%endif
make -j1 check

%install

++++++ libpng-1.6.36.tar.xz -> libpng-1.6.37.tar.xz ++++++
++++ 3105 lines of diff (skipped)



< Previous Next >
This Thread
  • No further messages