Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libpng16 for openSUSE:Factory checked in at 2026-01-17 21:42:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libpng16 (Old) and /work/SRC/openSUSE:Factory/.libpng16.new.1928 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libpng16" Sat Jan 17 21:42:04 2026 rev:62 rq:1327363 version:1.6.54 Changes: -------- --- /work/SRC/openSUSE:Factory/libpng16/libpng16.changes 2026-01-06 17:41:26.021887443 +0100 +++ /work/SRC/openSUSE:Factory/.libpng16.new.1928/libpng16.changes 2026-01-17 21:42:29.165273314 +0100 @@ -1,0 +2,13 @@ +Thu Jan 15 11:00:13 UTC 2026 - Petr Gajdos <[email protected]> + +- version update to 1.6.54: + * Fixed CVE-2026-22695 (medium severity): + Heap buffer over-read in `png_image_read_direct_scaled. + (Reported and fixed by Petr Simecek.) + * Fixed CVE-2026-22801 (medium severity): + Integer truncation causing heap buffer over-read in `png_image_write_*`. + * Implemented various improvements in oss-fuzz. + (Contributed by Philippe Antoine.) +- fixes [bsc#1256526] and [bsc#1256525] + +------------------------------------------------------------------- Old: ---- libpng-1.6.53.tar.gz New: ---- libpng-1.6.54.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libpng16.spec ++++++ --- /var/tmp/diff_new_pack.hVvzmw/_old 2026-01-17 21:42:29.657293469 +0100 +++ /var/tmp/diff_new_pack.hVvzmw/_new 2026-01-17 21:42:29.661293633 +0100 @@ -20,7 +20,7 @@ %define asan_build 0 %define major 1 %define minor 6 -%define micro 53 +%define micro 54 %define branch %{major}%{minor} %define libname libpng%{branch}-%{branch} %define debug_package_requires %{libname} = %{version}-%{release} ++++++ libpng-1.6.53.tar.gz -> libpng-1.6.54.tar.gz ++++++ ++++ 6401 lines of diff (skipped)
