cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
71,804 Commits 1 Branch 0 Tags 554 MiB
851b11be82
Commit Graph

118 Commits

Author SHA1 Message Date
rpointel
883bb752a7 Update libpng to 1.5.6. 
bump major version of shared libs.
ok naddy@.
 2011-11-14 17:48:59 +00:00
sthen
378c061449 SECURITY update to png 1.5.5, fixing a divide-by-zero with malformed cHRM 
chunks, this bug was introduced in 1.5.4 - CVE-2011-3328. Clues from naddy@
 2011-09-23 21:00:28 +00:00
naddy
da9fdc4abc SECURITY update to png-1.5.4: 
1. buffer overwrite in png_rgb_to_gray (CVE-2011-2690)
2. crash in png_default_error due to use of NULL Pointer (CVE-2011-2691)
3. memory corruption when handling empty sCAL chunks (CVE-2011-2692)
 2011-07-15 11:10:40 +00:00
naddy
64920edcf7 Update to png 1.5.2. Lots of improvements, but also significant 
API incompatibility:

"The libpng 1.5.x series finally hides the contents of the venerable
and hoary png_struct and png_info data structures inside private
(i.e., non-installed) header files. Instead of direct struct-access,
applications should be using the various png_get_xxx() and png_set_xxx()
accessor functions, which have existed for almost as long as libpng
itself."
 2011-07-08 20:34:36 +00:00
jasper
0e1836bafa Fix for CVE-2011-2501 
libpng "png_format_buffer()" Denial of Service Vulnerability

from upstream git
 2011-07-01 17:09:36 +00:00
naddy
dbfd750590 Cope with bsd.man.mk changes and install source man pages. 
While here, also update some PLISTs, fix PREFIX use, etc.
ok landry@
 2011-06-23 22:50:26 +00:00
naddy
4be689a796 ports that preformat man pages with mandoc via bsd.man.mk don't need groff 2010-10-19 21:04:52 +00:00
espie
0f681543b5 USE_GROFF=Yes 2010-10-18 18:13:12 +00:00
kili
df247d8854 SECRUTY update to 1.22.44 
Fixes CVE-2010-1205.

ok naddy@
 2010-06-27 19:55:04 +00:00
naddy
6bbe29c2fc maintenance update to 1.2.41 2009-12-06 21:43:11 +00:00
naddy
44331772cf minor maintenance update to 1.2.40 2009-10-12 10:17:16 +00:00
naddy
83ad075f4d maintenance update to 1.2.39 2009-08-23 14:44:18 +00:00
naddy
ad59f1741b Security update to 1.2.35: Fix an uninitialized data bug; CVE-2009-0040. 2009-03-04 20:17:16 +00:00
naddy
66e463990e update to 1.2.33, which fixes a minor memory leak 2008-12-02 16:45:59 +00:00
naddy
4de0998058 Maintenance update to 1.2.32. 
Library bump because png_struct has been extended.
 2008-09-28 14:43:22 +00:00
naddy
02c7cbf779 Update to 1.2.28 which fixes a number of "security and crash bugs". 
Bump library version since struct png_struct has changed--this shouldn't be
used externally, but you never know.

ok bernd@
 2008-05-07 14:29:39 +00:00
espie
17d70806a3 tweak FAKE_FLAGS semantics to saner defaults. 2008-01-04 17:48:33 +00:00
naddy
d89a9420a7 SECURITY update to 1.2.22. 
Fixes a number of out-of-bounds reads in certain chunk-handlers.
CVE-2007-5266, CVE-2007-5267, CVE-2007-5268, CVE-2007-5269.
 2007-10-16 20:32:18 +00:00
naddy
e0a69b4d6a maintenance update to 1.2.20 2007-10-06 19:33:28 +00:00
simon
68a2007cc1 remove surrounding quotes from COMMENT/BROKEN/PERMIT_* 2007-09-15 20:09:40 +00:00
naddy
8f78fb5099 SECURITY update to 1.2.18: 
Fix a NULL pointer dereference vulnerability involving palette
images with a malformed tRNS chunk (CVE-2007-2445).
ok steven@
 2007-05-16 19:46:59 +00:00
naddy
ce25e73ce9 Hardcode our build options in pngconf.h so everything sees really the same 
interface.  ok steven@
 2007-04-08 15:02:36 +00:00
espie
9eafbbfb35 base64 checksums. 2007-04-05 16:19:55 +00:00
naddy
b0a7e5d4d9 update to 1.2.16: 
- minor bug fixes
- we now use the same API no matter whether asm optimizations are enabled
  or not
 2007-03-15 19:19:23 +00:00
bernd
0983a6434c The libpng people re-rolled the distfile of png-1.2.14. They fixed 
some fuckup in their autoconf stuff (which we don't use) and changed
dates in comments. Bump PKGNAME.

Noticed by aanriot@, thanks!
 2006-11-30 17:24:13 +00:00
bernd
6fa372d430 Update to png-1.2.14. 
'fine with me' steven@
 2006-11-30 11:25:32 +00:00
bernd
f0fed5a60b Security update to libpng-1.2.13. (CVE-2006-3334) 
Libpng versions 1.0.6 through 1.2.12 can crash while decoding
the sPLT chunk.  This is due to an incorrect calculation of
the buffer size for storing the palette entries.

ok steven@
 2006-11-18 16:06:26 +00:00
bernd
fcc0136602 Security update to png-1.2.12. 
Fixes a buffer overflow vulnerability.

More information:
http://www.securityfocus.com/bid/18698/

ok steven@ naddy@
 2006-06-29 14:33:47 +00:00
bernd
0875288c2e We compile png with -DPNG_NO_ASSEMBLER_CODE. Unfortunately, the libpng build 
system doesn't install a pngconf.h appropriate to the options passed to the
build.
So we have to put a PNG_NO_ASSEMBLER_CODE define into pngconf.h manually.
This unbreaks (at least) ImageMagick on amd64.

Some more information about this problem can be found here:

http://sourceforge.net/mailarchive/forum.php?thread_id=10314069&forum_id=43850

Since we don't want to compile pentium specific code,
remove -DPNG_USE_PNGGCCRD.

Bump major lib version and PKGNAME.

with help & ok steven@, naddy@
 2006-05-13 13:52:48 +00:00
bernd
63b1790f76 Update to png-1.2.10 and better DESCR. 
ok naddy@
 2006-05-10 13:50:01 +00:00
steven
4253de87ce SHARED_LIBS 
feedback and ok naddy@
 2005-12-26 22:33:17 +00:00
fgsch
c5b44fec6e after querying brad@ he decided to drop maintainership for these. 2005-10-30 00:10:39 +00:00
brad
3558d82648 upgrade to png 1.2.8 
From: Simon Dassow <janus at area319 dot de>
 2005-07-24 04:55:35 +00:00
espie
738ce04388 this stuff builds without really installing it now. 2005-04-17 13:37:42 +00:00
naddy
a8817eabcc SIZE 2005-01-05 16:50:35 +00:00
brad
348e1827fe install pkgconfig file for png. 
From: Jacob Meuser <jakemsr at jakemsr dot com>
 2004-10-15 04:41:13 +00:00
brad
b01a5d3ff8 bad bad me, I managed to kill the PKGNAME with the previous commit 
noticed by espie@
 2004-09-22 21:08:20 +00:00
brad
eabc4cd246 upgrade to png 1.2.7 2004-09-20 01:24:10 +00:00
espie
6ad2640218 new plists 2004-09-15 00:46:07 +00:00
espie
512d20367c new plists 2004-08-07 08:03:06 +00:00
brad
9d09e74a0f Add pieces of the libpng jumbo security patch not already in the port. 
http://www.us-cert.gov/cas/techalerts/TA04-217A.html
 2004-08-05 19:17:14 +00:00
espie
8a218ca3a6 more new PLISTs 2004-08-05 09:16:04 +00:00
brad
96f6978640 use upstream patch instead. 2004-07-10 23:19:21 +00:00
brad
edb4a4ba20 fix buffer overflows with 16-bit and greyscale samples. 
CAN-2002-1363

http://www.openpkg.org/security/OpenPKG-SA-2003.001-png.html
http://www.openpkg.org/security/OpenPKG-SA-2004.030-png.html
 2004-07-06 22:17:48 +00:00
brad
59d16f1db0 better diff from openpkg 2004-07-06 22:06:17 +00:00
brad
dc94a9affa sync 2004-07-06 21:53:16 +00:00
robert
f0431b4d0c Fix for CAN-2004-0421: 
Steve Grubb reports a buffer read overrun in libpng's
png_format_buffer function. A specially constructed PNG image
processed by an application using libpng may trigger the buffer
read overrun and possibly result in an application crash.

ok brad@
 2004-05-03 05:13:04 +00:00
brad
879958ba98 remove LDADD instead of leaving it empty. 2004-04-06 08:32:45 +00:00
brad
d54b276e09 oops, check -> regress 2004-02-25 20:24:41 +00:00
brad
9668daea96 - add license marker 
- remove REGRESS_TARGET and add a check target to the png Makefile
 2004-02-24 23:18:57 +00:00