|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: libpng12-0||Distribution: openSUSE Tumbleweed|
|Version: 1.2.59||Vendor: openSUSE|
|Release: 1.1||Build date: Thu Jul 18 19:46:50 2019|
|Group: System/Libraries||Build host: sheep83|
|Size: 117584||Source RPM: libpng12-1.2.59-1.1.src.rpm|
|Summary: Library for the Portable Network Graphics Format (PNG)|
libpng is the official reference library for the Portable Network Graphics format (PNG).
* Wed Jul 17 2019 email@example.com - version update to 1.2.59 Added png_check_chunk_length() function, and check all chunks except IDAT against the default 8MB limit; check IDAT against the maximum size computed from IHDR parameters (Fixes CVE-2017-12652). Initialize memory allocated by png_inflate to zero, using memset, to stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2() due to truncated iTXt or zTXt chunk. * Wed Jan 31 2018 firstname.lastname@example.org - check with -j1, be explicit * Tue Jan 30 2018 email@example.com - Fix SRPM group and grammar issues. * Mon Jan 02 2017 firstname.lastname@example.org - updated to 1.2.57: fixes CVE-2016-10087 * Thu Dec 17 2015 email@example.com - updated to 1.2.56: Fixed an out-of-range read in png_check_keyword() (Bug report from Qixue Xiao, CVE-2015-8540). Added keyword checks to pngset.c * Thu Dec 03 2015 firstname.lastname@example.org - updated to 1.2.55: Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(), png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr). Fixed incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 vulnerability. * Fri Nov 13 2015 email@example.com - updated to 1.2.54 * Fri Aug 07 2015 firstname.lastname@example.org - build in build section * Fri Feb 27 2015 email@example.com - updated to 1.2.53: Issue a png_error() instead of a png_warning() when width is potentially too large for the architecture, in case the calling application has overridden the default 1,000,000-column limit (fixes CVE-2014-9495 and CVE-2015-0973). Display user limits in the output from pngtest. Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000. This can only be changed at library-build time. It only affects the maximum memory that can be allocated to an ancillary chunk; it does not limit the size of IDAT data, which is instead limited by PNG_USER_WIDTH_MAX. * Mon Jan 19 2015 firstname.lastname@example.org - Fix CVE-2013-7354.patch, include limits.h for INT_MAX * Thu Nov 20 2014 email@example.com - updated to 1.2.52: * Avoid out-of-bounds memory access while checking version string.
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Oct 15 00:13:40 2019