|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: libpng12-0||Distribution: openSUSE Tumbleweed|
|Version: 1.2.59||Vendor: openSUSE|
|Release: 2.1||Build date: Thu May 12 23:23:04 2022|
|Group: System/Libraries||Build host: lamb08|
|Size: 121858||Source RPM: libpng12-1.2.59-2.1.src.rpm|
|Summary: Library for the Portable Network Graphics Format (PNG)|
libpng is the official reference library for the Portable Network Graphics format (PNG).
* Wed May 04 2022 Marcus Meissner <email@example.com> - switched to https url * Wed Jul 17 2019 firstname.lastname@example.org - version update to 1.2.59 Added png_check_chunk_length() function, and check all chunks except IDAT against the default 8MB limit; check IDAT against the maximum size computed from IHDR parameters (Fixes CVE-2017-12652). Initialize memory allocated by png_inflate to zero, using memset, to stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2() due to truncated iTXt or zTXt chunk. * Wed Jan 31 2018 email@example.com - check with -j1, be explicit * Tue Jan 30 2018 firstname.lastname@example.org - Fix SRPM group and grammar issues. * Mon Jan 02 2017 email@example.com - updated to 1.2.57: fixes CVE-2016-10087 * Thu Dec 17 2015 firstname.lastname@example.org - updated to 1.2.56: Fixed an out-of-range read in png_check_keyword() (Bug report from Qixue Xiao, CVE-2015-8540). Added keyword checks to pngset.c * Thu Dec 03 2015 email@example.com - updated to 1.2.55: Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(), png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr). Fixed incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 vulnerability. * Fri Nov 13 2015 firstname.lastname@example.org - updated to 1.2.54 * Fri Aug 07 2015 email@example.com - build in build section * Fri Feb 27 2015 firstname.lastname@example.org - updated to 1.2.53: Issue a png_error() instead of a png_warning() when width is potentially too large for the architecture, in case the calling application has overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and CVE-2015-0973). Display user limits in the output from pngtest. Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000. This can only be changed at library-build time. It only affects the maximum memory that can be allocated to an ancillary chunk; it does not limit the size of IDAT data, which is instead limited by PNG_USER_WIDTH_MAX.
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Mar 12 00:05:08 2023