commit libpng16 for openSUSE:Factory

Thu, 18 Apr 2019 04:59:06 -0700 

Hello community,

here is the log from the commit of package libpng16 for openSUSE:Factory 
checked in at 2019-04-18 13:57:46
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libpng16 (Old)
 and      /work/SRC/openSUSE:Factory/.libpng16.new.5536 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libpng16"

Thu Apr 18 13:57:46 2019 rev:42 rq:694940 version:1.6.37

Changes:
--------
--- /work/SRC/openSUSE:Factory/libpng16/libpng16.changes        2019-02-04 
21:24:21.295611170 +0100
+++ /work/SRC/openSUSE:Factory/.libpng16.new.5536/libpng16.changes      
2019-04-18 13:58:13.627991261 +0200
@@ -1,0 +2,20 @@
+Wed Apr 17 06:29:11 UTC 2019 - pgaj...@suse.com
+
+- make check actually works under asan
+
+-------------------------------------------------------------------
+Mon Apr 15 15:02:33 UTC 2019 - pgaj...@suse.com
+
+- version update to 1.6.37
+  Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
+  Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
+  Fixed a memory leak in pngtest.c.
+  Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
+    contrib/pngminus; refactor.
+  Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
+    (Contributed by Willem van Schaik)
+  Added makefiles for AddressSanitizer-enabled builds.
+- deleted patches
+  - libpng-arm-free.patch (upstreamed)
+
+-------------------------------------------------------------------

Old:
----
  libpng-1.6.36.tar.xz
  libpng-arm-free.patch

New:
----
  libpng-1.6.37.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libpng16.spec ++++++
--- /var/tmp/diff_new_pack.sRYUi0/_old  2019-04-18 13:58:14.291991482 +0200
+++ /var/tmp/diff_new_pack.sRYUi0/_new  2019-04-18 13:58:14.291991482 +0200
@@ -21,7 +21,7 @@
 
 %define major   1
 %define minor   6
-%define micro   36
+%define micro   37
 %define branch  %{major}%{minor}
 %define libname libpng%{branch}-%{branch}
 %define debug_package_requires %{libname} = %{version}-%{release}
@@ -32,7 +32,6 @@
 License:        Zlib
 Group:          Development/Libraries/C and C++
 Url:            http://www.libpng.org/pub/png/libpng.html
-Patch0:         libpng-arm-free.patch
 Source0:        
http://prdownloads.sourceforge.net/libpng/libpng-%{version}.tar.xz
 Source2:        libpng16.keyring
 Source3:        rpm-macros.libpng-tools
@@ -98,7 +97,6 @@
 
 %prep
 %setup -q -n libpng-%{version}
-%patch0 -p1
 
 %build
 # PNG_SAFE_LIMITS_SUPPORTED: 
http://www.openwall.com/lists/oss-security/2015/01/10/1
@@ -116,10 +114,6 @@
 make %{?_smp_mflags}
 
 %check
-%if %{asan_build}
-# ASAN needs /proc to be mounted
-exit 0
-%endif
 make -j1 check
 
 %install

++++++ libpng-1.6.36.tar.xz -> libpng-1.6.37.tar.xz ++++++
++++ 3105 lines of diff (skipped)

Reply via email to