[OE-core][PATCH] libpng: upgrade 1.6.54 -> 1.6.55

[Peter Marko via lists.openembedded.org]

From: Peter Marko <peter.ma...@siemens.com>

Release notes [1]:
* Fixed CVE-2026-25646 (high severity):
  Heap buffer overflow in `png_set_quantize`.
  (Reported and fixed by Joshua Inscoe.)
* Resolved an oss-fuzz build issue involving nalloc.
  (Contributed by Philippe Antoine.)

[1] https://github.com/pnggroup/libpng/blob/v1.6.55/ANNOUNCE

Signed-off-by: Peter Marko <peter.ma...@siemens.com>
---
 .../libpng/{libpng_1.6.54.bb => libpng_1.6.55.bb}               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/libpng/{libpng_1.6.54.bb => libpng_1.6.55.bb} 
(97%)

diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.54.bb 
b/meta/recipes-multimedia/libpng/libpng_1.6.55.bb
similarity index 97%
rename from meta/recipes-multimedia/libpng/libpng_1.6.54.bb
rename to meta/recipes-multimedia/libpng/libpng_1.6.55.bb
index b017be513b..c6e95e0723 100644
--- a/meta/recipes-multimedia/libpng/libpng_1.6.54.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.55.bb
@@ -14,7 +14,7 @@ SRC_URI = 
"${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz \
            file://run-ptest \
 "
 
-SRC_URI[sha256sum] = 
"01c9d8a303c941ec2c511c14312a3b1d36cedb41e2f5168ccdaa85d53b887805"
+SRC_URI[sha256sum] = 
"d925722864837ad5ae2a82070d4b2e0603dc72af44bd457c3962298258b8e82d"
 
 MIRRORS += "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/ 
${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/older-releases/"
 

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#231275): 
https://lists.openembedded.org/g/openembedded-core/message/231275
Mute This Topic: https://lists.openembedded.org/mt/117864470/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-