--- - branch: MAIN date: Wed Sep 28 05:34:09 UTC 2011 files: - new: '1.139' old: '1.138' path: pkgsrc/graphics/png/Makefile pathrev: pkgsrc/graphics/png/Makefile@1.139 type: modified - new: '1.86' old: '1.85' path: pkgsrc/graphics/png/distinfo pathrev: pkgsrc/graphics/png/distinfo@1.86 type: modified id: 20110928T053409Z.01cb18ddcd8d411b655d09a82846ad27748793a4 log: | Update to 1.5.5 to fix CVE-2011-3328, requested by tron. Version 1.5.5beta01 [July 13, 2011] Fixed some typos and made other minor changes in the manual. Updated contrib/pngminus/makefile.std (Samuli Souminen) Version 1.5.5beta02 [July 14, 2011] Revised Makefile.am and Makefile.in to look in the right directory for pnglibconf.h.prebuilt Version 1.5.5beta03 [July 27, 2011] Enabled compilation with g++ compiler. This compiler does not recognize the file extension, so it always compiles with C++ rules. Made minor changes to pngrutil.c to cast results where C++ expects it but C does not. Minor editing of libpng.3 and libpng-manual.txt. Version 1.5.5beta04 [July 29, 2011] Revised CMakeLists.txt (Clifford Yapp) Updated commentary about the png_rgb_to_gray() default coefficients in the manual and in pngrtran.c Version 1.5.5beta05 [August 17, 2011] Prevent unexpected API exports from non-libpng DLLs on Windows. The "_DLL" is removed from the test of whether a DLL is being built (this erroneously caused the libpng APIs to be marked as DLL exports in static builds under Microsoft Visual Studio). Almost all of the libpng building configuration is moved from pngconf.h to pngpriv.h, but PNG_DLL_EXPORT remains in pngconf.h, though, so that it is colocated with the import definition (it is no longer used anywhere in the installed headers). The VStudio project definitions have been cleaned up: "_USRDLL" has been removed from the static library builds (this was incorrect), and PNG_USE_DLL has been added to pngvalid to test the functionality (pngtest does not supply it, deliberately). The spurious "_EXPORTS" has been removed from the libpng build (all these errors were a result of copy/paste between project configurations.) Added new types and internal functions for CIE RGB end point handling to pngpriv.h (functions yet to be implemented). Version 1.5.5beta06 [August 26, 2011] Ensure the CMAKE_LIBRARY_OUTPUT_DIRECTORY is set in CMakeLists.txt (Clifford Yap) Fixes to rgb_to_gray and cHRM XYZ APIs (John Bowler): The rgb_to_gray code had errors when combined with gamma correction. Some pixels were treated as true grey when they weren't and such pixels and true grey ones were not gamma corrected (the original value of the red component was used instead). APIs to get and set cHRM using color space end points have been added and the rgb_to_gray code that defaults based on cHRM, and the divide-by-zero bug in png_handle_cHRM (CERT VU#477046, CVE-2011-3328, introduced in 1.5.4) have been corrected. A considerable number of tests has been added to pngvalid for the rgb_to_gray transform. Arithmetic errors in rgb_to_gray whereby the calculated gray value was truncated to the bit depth rather than rounded have been fixed except in the 8-bit non-gamma-corrected case (where consistency seems more important than correctness.) The code still has considerable inaccuracies in the 8-bit case because 8-bit linear arithmetic is used. Version 1.5.5beta07 [September 7, 2011] Added "$(ARCH)" option to makefile.darwin Added SunOS support to configure.ac and Makefile.am Changed png_chunk_benign_error() to png_warning() in png.c, in png_XYZ_from_xy_checked(). Version 1.5.5beta08 [September 10, 2011] Fixed 64-bit compilation errors (gcc). The errors fixed relate to conditions where types that are 32 bits in the GCC 32-bit world (uLong and png_size_t) become 64 bits in the 64-bit world. This produces potential truncation errors that the compiler correctly flags. Relocated new HAVE_SOLARIS_LD definition in configure.ac Constant changes for 64-bit compatibility (removal of L suffixes). The 16-bit cases still use "L" as we don't have a 16-bit test system. Version 1.5.5rc01 [September 17, 2011] Removed "L" suffixes from constants in pngpriv.h Version 1.5.5 [September 22, 2011] No changes. module: pkgsrc subject: 'CVS commit: pkgsrc/graphics/png' unixtime: '1317188049' user: wiz