cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
69,830 Commits 1 Branch 0 Tags
b4bf130a1b
Commit Graph

21 Commits

Author SHA1 Message Date
sthen
378c061449 SECURITY update to png 1.5.5, fixing a divide-by-zero with malformed cHRM 
chunks, this bug was introduced in 1.5.4 - CVE-2011-3328. Clues from naddy@
 2011-09-23 21:00:28 +00:00
naddy
da9fdc4abc SECURITY update to png-1.5.4: 
1. buffer overwrite in png_rgb_to_gray (CVE-2011-2690)
2. crash in png_default_error due to use of NULL Pointer (CVE-2011-2691)
3. memory corruption when handling empty sCAL chunks (CVE-2011-2692)
 2011-07-15 11:10:40 +00:00
naddy
64920edcf7 Update to png 1.5.2. Lots of improvements, but also significant 
API incompatibility:

"The libpng 1.5.x series finally hides the contents of the venerable
and hoary png_struct and png_info data structures inside private
(i.e., non-installed) header files. Instead of direct struct-access,
applications should be using the various png_get_xxx() and png_set_xxx()
accessor functions, which have existed for almost as long as libpng
itself."
 2011-07-08 20:34:36 +00:00
kili
df247d8854 SECRUTY update to 1.22.44 
Fixes CVE-2010-1205.

ok naddy@
 2010-06-27 19:55:04 +00:00
naddy
6bbe29c2fc maintenance update to 1.2.41 2009-12-06 21:43:11 +00:00
naddy
44331772cf minor maintenance update to 1.2.40 2009-10-12 10:17:16 +00:00
naddy
83ad075f4d maintenance update to 1.2.39 2009-08-23 14:44:18 +00:00
naddy
ad59f1741b Security update to 1.2.35: Fix an uninitialized data bug; CVE-2009-0040. 2009-03-04 20:17:16 +00:00
naddy
66e463990e update to 1.2.33, which fixes a minor memory leak 2008-12-02 16:45:59 +00:00
naddy
4de0998058 Maintenance update to 1.2.32. 
Library bump because png_struct has been extended.
 2008-09-28 14:43:22 +00:00
naddy
02c7cbf779 Update to 1.2.28 which fixes a number of "security and crash bugs". 
Bump library version since struct png_struct has changed--this shouldn't be
used externally, but you never know.

ok bernd@
 2008-05-07 14:29:39 +00:00
naddy
d89a9420a7 SECURITY update to 1.2.22. 
Fixes a number of out-of-bounds reads in certain chunk-handlers.
CVE-2007-5266, CVE-2007-5267, CVE-2007-5268, CVE-2007-5269.
 2007-10-16 20:32:18 +00:00
naddy
e0a69b4d6a maintenance update to 1.2.20 2007-10-06 19:33:28 +00:00
naddy
8f78fb5099 SECURITY update to 1.2.18: 
Fix a NULL pointer dereference vulnerability involving palette
images with a malformed tRNS chunk (CVE-2007-2445).
ok steven@
 2007-05-16 19:46:59 +00:00
naddy
b0a7e5d4d9 update to 1.2.16: 
- minor bug fixes
- we now use the same API no matter whether asm optimizations are enabled
  or not
 2007-03-15 19:19:23 +00:00
bernd
6fa372d430 Update to png-1.2.14. 
'fine with me' steven@
 2006-11-30 11:25:32 +00:00
bernd
f0fed5a60b Security update to libpng-1.2.13. (CVE-2006-3334) 
Libpng versions 1.0.6 through 1.2.12 can crash while decoding
the sPLT chunk.  This is due to an incorrect calculation of
the buffer size for storing the palette entries.

ok steven@
 2006-11-18 16:06:26 +00:00
bernd
fcc0136602 Security update to png-1.2.12. 
Fixes a buffer overflow vulnerability.

More information:
http://www.securityfocus.com/bid/18698/

ok steven@ naddy@
 2006-06-29 14:33:47 +00:00
bernd
63b1790f76 Update to png-1.2.10 and better DESCR. 
ok naddy@
 2006-05-10 13:50:01 +00:00
brad
3558d82648 upgrade to png 1.2.8 
From: Simon Dassow <janus at area319 dot de>
 2005-07-24 04:55:35 +00:00
brad
348e1827fe install pkgconfig file for png. 
From: Jacob Meuser <jakemsr at jakemsr dot com>
 2004-10-15 04:41:13 +00:00