commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2018-01-13 21:48:34 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Sat Jan 13 21:48:34 2018 rev:36 rq:563780 version:0.7.7 Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2017-11-27 22:18:31.458388237 +0100 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2018-01-13 21:48:38.459295751 +0100 @@ -1,0 +2,18 @@ +Fri Jan 12 07:57:59 UTC 2018 - pgaj...@suse.com + +- update to 0.7.7: +* Upgraded minitiff to version 0.2. + !! Fixed a buffer overflow vulnerability in the GIF decoder. + [Reported by Joonun Jang] + !! Fixed an integer overflow vulnerability in the TIFF decoder. + [Reported by Jaeseung Choi] +! Fixed the build on macOS High Sierra. + [Reported by various users] + [Fixed by Yuen Ho Wong and Friedrich Preuss] +! Fixed the build on DJGPP. +* Disallowed out-of-bounds values in rangeset options. +- removed upstream patches: + - optipng-CVE-2017-1000229.patch + - optipng-CVE-2017-16938.patch + +--- Old: optipng-0.7.6.tar.gz optipng-CVE-2017-1000229.patch optipng-CVE-2017-16938.patch New: optipng-0.7.7.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.uixEgK/_old 2018-01-13 21:48:40.015223210 +0100 +++ /var/tmp/diff_new_pack.uixEgK/_new 2018-01-13 21:48:40.031222464 +0100 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: optipng -Version:0.7.6 +Version:0.7.7 Release:0 Summary:A PNG File Compressor License:Zlib @@ -25,8 +25,6 @@ Url:http://optipng.sourceforge.net/ Source0: http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz Source1:macros.optipng -Patch0: optipng-CVE-2017-1000229.patch -Patch1: optipng-CVE-2017-16938.patch BuildRequires: libpng-devel BuildRequires: zlib-devel BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -39,8 +37,6 @@ %prep %setup -q -%patch0 -p1 -%patch1 -p1 %build # not autotools generated configure ++ optipng-0.7.6.tar.gz -> optipng-0.7.7.tar.gz ++ 49542 lines of diff (skipped)
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2017-11-27 22:18:21 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Mon Nov 27 22:18:21 2017 rev:35 rq:545849 version:0.7.6 Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2017-11-20 17:07:28.949252300 +0100 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2017-11-27 22:18:31.458388237 +0100 @@ -1,0 +2,7 @@ +Mon Nov 27 08:19:44 UTC 2017 - pgaj...@suse.com + +- security update: + * CVE-2017-16938 [bsc#1069774] ++ optipng-CVE-2017-16938.patch + +--- New: optipng-CVE-2017-16938.patch Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.uXgLU7/_old 2017-11-27 22:18:32.290358041 +0100 +++ /var/tmp/diff_new_pack.uXgLU7/_new 2017-11-27 22:18:32.290358041 +0100 @@ -26,6 +26,7 @@ Source0: http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz Source1:macros.optipng Patch0: optipng-CVE-2017-1000229.patch +Patch1: optipng-CVE-2017-16938.patch BuildRequires: libpng-devel BuildRequires: zlib-devel BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -39,6 +40,7 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 %build # not autotools generated configure ++ optipng-CVE-2017-16938.patch ++ --- a/src/gifread/gifread.c +++ b/src/gifread/gifread.c @@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_size, FILE *stream) *sp++ = table[1][code]; if (code == table[0][code]) GIFError("GIF/LZW error: circular table entry"); +if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0])) +GIFError("GIF/LZW error: circular table"); code = table[0][code]; }
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2017-11-20 17:06:58 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Mon Nov 20 17:06:58 2017 rev:34 rq:543842 version:0.7.6 Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2016-04-06 11:52:51.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2017-11-20 17:07:28.949252300 +0100 @@ -1,0 +2,7 @@ +Mon Nov 20 10:28:38 UTC 2017 - pgaj...@suse.com + +- security update: + * CVE-2017-1000229 [bsc#1068720] ++ optipng-CVE-2017-1000229.patch + +--- New: optipng-CVE-2017-1000229.patch Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.lLXJX7/_old 2017-11-20 17:07:29.56523 +0100 +++ /var/tmp/diff_new_pack.lLXJX7/_new 2017-11-20 17:07:29.569229855 +0100 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,6 +25,7 @@ Url:http://optipng.sourceforge.net/ Source0: http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz Source1:macros.optipng +Patch0: optipng-CVE-2017-1000229.patch BuildRequires: libpng-devel BuildRequires: zlib-devel BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -37,6 +38,7 @@ %prep %setup -q +%patch0 -p1 %build # not autotools generated configure ++ optipng-CVE-2017-1000229.patch ++ >From 77ac8e9fd9b2c1aeec3951e2bb50f7cc2c1e92d2 Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Sun, 19 Nov 2017 16:04:26 +0100 Subject: [PATCH] Prevent integer overflow (bug #65, CVE-2017-1000229) --- src/minitiff/tiffread.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/minitiff/tiffread.c b/src/minitiff/tiffread.c index b4910ec..5f9b376 100644 --- a/src/minitiff/tiffread.c +++ b/src/minitiff/tiffread.c @@ -350,6 +350,8 @@ minitiff_read_info(struct minitiff_info *tiff_ptr, FILE *fp) count = tiff_ptr->strip_offsets_count; if (count == 0 || count > tiff_ptr->height) goto err_invalid; +if (count > (size_t)-1 / sizeof(long)) +goto err_memory; tiff_ptr->strip_offsets = (long *)malloc(count * sizeof(long)); if (tiff_ptr->strip_offsets == NULL) goto err_memory; -- 2.14.2
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2016-04-06 11:52:49 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2015-04-27 22:09:20.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2016-04-06 11:52:51.0 +0200 @@ -1,0 +2,5 @@ +Tue Apr 5 08:15:40 UTC 2016 - pgaj...@suse.com + +- updated to 0.7.6, fixes CVE-2016-2191 + +--- Old: optipng-0.7.5.tar.gz New: optipng-0.7.6.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.RjsdpK/_old 2016-04-06 11:52:52.0 +0200 +++ /var/tmp/diff_new_pack.RjsdpK/_new 2016-04-06 11:52:52.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: optipng -Version:0.7.5 +Version:0.7.6 Release:0 Summary:A PNG File Compressor License:Zlib ++ optipng-0.7.5.tar.gz -> optipng-0.7.6.tar.gz ++ 55687 lines of diff (skipped)
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2015-04-27 22:08:57 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2014-03-31 20:44:05.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2015-04-27 22:09:20.0 +0200 @@ -1,0 +2,7 @@ +Mon Apr 27 14:23:20 UTC 2015 - mplus...@suse.com + +- Cleanup spec file with spec-clener +- Update dependencies +- Enable checks + +--- Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.Jm9lm9/_old 2015-04-27 22:09:21.0 +0200 +++ /var/tmp/diff_new_pack.Jm9lm9/_new 2015-04-27 22:09:21.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,8 +25,8 @@ Url:http://optipng.sourceforge.net/ Source0: http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz Source1:macros.optipng -# patch sent at cos...@cs.toronto.edu BuildRequires: libpng-devel +BuildRequires: zlib-devel BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -39,8 +39,14 @@ %setup -q %build +# not autotools generated configure export CFLAGS="%{optflags}" -./configure -with-system-zlib -with-system-libpng -prefix=%{_prefix} -mandir=%{_mandir} +./configure \ + -with-system-zlib \ + -with-system-libpng \ + -prefix=%{_prefix} \ + -mandir=%{_mandir} + #don't strip binaries sed -i "s:\(LDFLAGS = \)-s:\1:" src/optipng/Makefile make %{?_smp_mflags} @@ -49,11 +55,14 @@ make DESTDIR=%{buildroot} install %{?_smp_mflags} install -D -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/rpm/macros.optipng +%check +make %{?_smp_mflags} check + %files %defattr(-,root,root) %doc README.txt doc %{_bindir}/optipng %{_mandir}/man1/optipng.1.gz -%{_sysconfdir}/rpm/macros.optipng +%config %{_sysconfdir}/rpm/macros.optipng %changelog
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2014-03-31 20:44:04 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2013-02-15 18:49:13.0 +0100 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2014-03-31 20:44:05.0 +0200 @@ -1,0 +2,11 @@ +Mon Mar 31 07:56:27 UTC 2014 - pgaj...@suse.com + +- updated to 0.7.5: + ! Fixed various build issues with libpng-1.5 and libpng-1.6. + * Allowed the handling of huge image files (> millions of pixels +per row or column) to be independent of the libpng version. + + Allowed the option -preserve to save the file ownership (UID/GID) +on Unix. (Thanks to Otto Kekäläinen for the suggestion.) +- removed libpng16.patch + +--- Old: optipng-0.7.4.tar.gz optipng-libpng16.patch New: optipng-0.7.5.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.rzF46b/_old 2014-03-31 20:44:06.0 +0200 +++ /var/tmp/diff_new_pack.rzF46b/_new 2014-03-31 20:44:06.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,18 +17,17 @@ Name: optipng -BuildRequires: libpng-devel +Version:0.7.5 +Release:0 Summary:A PNG File Compressor License:Zlib Group: Productivity/Archiving/Compression -Version:0.7.4 -Release:0 Url:http://optipng.sourceforge.net/ -BuildRoot: %{_tmppath}/%{name}-%{version}-build -Source0:%name-%{version}.tar.gz +Source0: http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz Source1:macros.optipng # patch sent at cos...@cs.toronto.edu -Patch0: optipng-libpng16.patch +BuildRequires: libpng-devel +BuildRoot: %{_tmppath}/%{name}-%{version}-build %description OptiPNG is a PNG optimizer that recompresses image files to a smaller @@ -36,32 +35,25 @@ external formats (BMP, GIF, PNM; TIFF support is coming up) to optimized PNG, and performs PNG integrity checks and corrections. - - -Authors: - -Cosmin Truta cos...@cs.toronto.edu - %prep %setup -q -%patch0 -p1 %build -export CFLAGS="$RPM_OPT_FLAGS" +export CFLAGS="%{optflags}" ./configure -with-system-zlib -with-system-libpng -prefix=%{_prefix} -mandir=%{_mandir} #don't strip binaries sed -i "s:\(LDFLAGS = \)-s:\1:" src/optipng/Makefile -make +make %{?_smp_mflags} %install -%makeinstall -install -D -m644 %{SOURCE1} $RPM_BUILD_ROOT/etc/rpm/macros.optipng +make DESTDIR=%{buildroot} install %{?_smp_mflags} +install -D -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/rpm/macros.optipng %files %defattr(-,root,root) %doc README.txt doc -/usr/bin/optipng -/usr/share/man/man1/optipng.1.gz -/etc/rpm/macros.optipng +%{_bindir}/optipng +%{_mandir}/man1/optipng.1.gz +%{_sysconfdir}/rpm/macros.optipng %changelog ++ optipng-0.7.4.tar.gz -> optipng-0.7.5.tar.gz ++ 164455 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2013-02-15 18:49:12 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng", Maintainer is "pgaj...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-11-28 16:19:22.0 +0100 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2013-02-15 18:49:13.0 +0100 @@ -1,0 +2,6 @@ +Fri Feb 15 12:35:19 UTC 2013 - pgaj...@suse.com + +- build also agains libpng16 + * libpng16.patch + +--- New: optipng-libpng16.patch Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.iEZMPF/_old 2013-02-15 18:49:14.0 +0100 +++ /var/tmp/diff_new_pack.iEZMPF/_new 2013-02-15 18:49:14.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,6 +27,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0:%name-%{version}.tar.gz Source1:macros.optipng +# patch sent at cos...@cs.toronto.edu +Patch0: optipng-libpng16.patch %description OptiPNG is a PNG optimizer that recompresses image files to a smaller @@ -42,6 +44,7 @@ %prep %setup -q +%patch0 -p1 %build export CFLAGS="$RPM_OPT_FLAGS" ++ optipng-libpng16.patch ++ Index: optipng-0.7.4/src/opngreduc/opngreduc.c === --- optipng-0.7.4.orig/src/opngreduc/opngreduc.c +++ optipng-0.7.4/src/opngreduc/opngreduc.c @@ -20,6 +20,8 @@ #include "opngreduc.h" +#include + #ifndef OPNG_ASSERT #include #define OPNG_ASSERT(cond) assert(cond) Index: optipng-0.7.4/src/pngxtern/pngxmem.c === --- optipng-0.7.4.orig/src/pngxtern/pngxmem.c +++ optipng-0.7.4/src/pngxtern/pngxmem.c @@ -8,6 +8,7 @@ #include "pngxutil.h" +#include #ifdef PNG_INFO_IMAGE_SUPPORTED -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2012-11-28 16:19:18 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng", Maintainer is "pgaj...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-09-25 10:44:23.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-11-28 16:19:22.0 +0100 @@ -1,0 +2,7 @@ +Tue Nov 20 12:24:53 UTC 2012 - pgaj...@suse.com + +- updated to 0.7.4: + !! Fixed the previous fix, which failed to fix the option -fix. + (Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.) + +--- Old: optipng-0.7.3.tar.gz New: optipng-0.7.4.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.Y7cUpz/_old 2012-11-28 16:19:24.0 +0100 +++ /var/tmp/diff_new_pack.Y7cUpz/_new 2012-11-28 16:19:24.0 +0100 @@ -21,7 +21,7 @@ Summary:A PNG File Compressor License:Zlib Group: Productivity/Archiving/Compression -Version:0.7.3 +Version:0.7.4 Release:0 Url:http://optipng.sourceforge.net/ BuildRoot: %{_tmppath}/%{name}-%{version}-build ++ optipng-0.7.3.tar.gz -> optipng-0.7.4.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7.3/AUTHORS.txt new/optipng-0.7.4/AUTHORS.txt --- old/optipng-0.7.3/AUTHORS.txt 2012-09-16 16:16:00.0 +0200 +++ new/optipng-0.7.4/AUTHORS.txt 2012-10-22 03:41:00.0 +0200 @@ -1,4 +1,4 @@ -# OptiPNG version 0.7.3 +# OptiPNG version 0.7.4 # Copyright (C) 2001-2012 Cosmin Truta and the Contributing Authors. # See the accompanying LICENSE file for details. # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7.3/README.txt new/optipng-0.7.4/README.txt --- old/optipng-0.7.3/README.txt2012-09-16 16:16:00.0 +0200 +++ new/optipng-0.7.4/README.txt2012-10-22 03:41:00.0 +0200 @@ -1,5 +1,5 @@ -OptiPNG 0.7.3: Advanced PNG optimizer. +OptiPNG 0.7.4: Advanced PNG optimizer. Copyright (C) 2001-2012 Cosmin Truta. == @@ -23,14 +23,14 @@ Build instructions -- On Unix, or under a Bourne-compatible shell, run ./configure and make: -cd optipng-0.7.3/ +cd optipng-0.7.4/ ./configure make make test Alternatively, use a pre-configured makefile that matches your compiler; e.g.: -cd optipng-0.7.3/ +cd optipng-0.7.4/ nmake -f build/visualc.mk nmake -f build/visualc.mk test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7.3/doc/history.txt new/optipng-0.7.4/doc/history.txt --- old/optipng-0.7.3/doc/history.txt 2012-09-16 16:16:00.0 +0200 +++ new/optipng-0.7.4/doc/history.txt 2012-10-22 03:41:00.0 +0200 @@ -13,6 +13,11 @@ (crash, data/metadata loss or security hazard). * Other modification (e.g. architectural improvement). +Version 0.7.4 21-oct-2012 +- +!! Fixed the previous fix, which failed to fix the option -fix. + (Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.) + Version 0.7.3 16-sep-2012 - !! Fixed a use-after-free vulnerability in the palette reduction code. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7.3/doc/optipng.man.html new/optipng-0.7.4/doc/optipng.man.html --- old/optipng-0.7.3/doc/optipng.man.html 2012-09-16 16:16:00.0 +0200 +++ new/optipng-0.7.4/doc/optipng.man.html 2012-10-22 03:41:00.0 +0200 @@ -1,5 +1,5 @@ - + http://www.w3.org/TR/html4/loose.dtd";> Files old/optipng-0.7.3/doc/optipng.man.pdf and new/optipng-0.7.4/doc/optipng.man.pdf differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7.3/doc/optipng.man.txt new/optipng-0.7.4/doc/optipng.man.txt --- old/optipng-0.7.3/doc/optipng.man.txt 2012-09-16 16:16:00.0 +0200 +++ new/optipng-0.7.4/doc/optipng.man.txt 2012-10-22 03:41:00.0 +0200 @@ -295,4 +295,4 @@ the Debian Project. It was later updated by Cosmin Truta, and is now part of the OptiPNG distribution. -OptiPNG version 0.7.3 2012-Sep-16 OPTIPNG(1) +OptiPNG version 0.7.4 2012-Oct-21 OPTIPNG(1) diff -urN '--exclude=CVS' '--ex
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2012-09-25 10:44:21 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng", Maintainer is "pgaj...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-08-08 11:20:05.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-09-25 10:44:23.0 +0200 @@ -1,0 +2,7 @@ +Mon Sep 24 11:58:03 UTC 2012 - pgaj...@suse.com + +- updated to 0.7.3: + * fixed 'OptiPNG Palette Reduction Use-After-Free Vulnerability' +[bnc#780874] + +--- Old: optipng-0.7.1.tar.gz New: optipng-0.7.3.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.CKTJ5K/_old 2012-09-25 10:44:26.0 +0200 +++ /var/tmp/diff_new_pack.CKTJ5K/_new 2012-09-25 10:44:26.0 +0200 @@ -21,7 +21,7 @@ Summary:A PNG File Compressor License:Zlib Group: Productivity/Archiving/Compression -Version:0.7.1 +Version:0.7.3 Release:0 Url:http://optipng.sourceforge.net/ BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -54,9 +54,6 @@ %makeinstall install -D -m644 %{SOURCE1} $RPM_BUILD_ROOT/etc/rpm/macros.optipng -%clean -rm -rf $RPM_BUILD_ROOT - %files %defattr(-,root,root) %doc README.txt doc ++ optipng-0.7.1.tar.gz -> optipng-0.7.3.tar.gz ++ 22542 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2012-08-08 11:19:56 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng", Maintainer is "pgaj...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-03-02 13:49:23.0 +0100 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-08-08 11:20:05.0 +0200 @@ -1,0 +2,8 @@ +Tue Aug 7 12:41:22 UTC 2012 - pgaj...@suse.com + +- updated to 0.7.1: + !! Fixed a regression in the reduction of palette-encoded grayscale + images. This regression was introduced in version 0.7. + (Thanks to Adam Ciarcinski for the fix.) + +--- Old: optipng-0.7.tar.gz New: optipng-0.7.1.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.M96HNO/_old 2012-08-08 11:20:15.0 +0200 +++ /var/tmp/diff_new_pack.M96HNO/_new 2012-08-08 11:20:15.0 +0200 @@ -15,16 +15,14 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild - Name: optipng BuildRequires: libpng-devel +Summary:A PNG File Compressor License:Zlib Group: Productivity/Archiving/Compression -Summary:A PNG File Compressor -Version:0.7 -Release:1 +Version:0.7.1 +Release:0 Url:http://optipng.sourceforge.net/ BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0:%name-%{version}.tar.gz ++ optipng-0.7.tar.gz -> optipng-0.7.1.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7/AUTHORS.txt new/optipng-0.7.1/AUTHORS.txt --- old/optipng-0.7/AUTHORS.txt 1970-01-01 01:00:00.0 +0100 +++ new/optipng-0.7.1/AUTHORS.txt 2012-03-20 01:19:00.0 +0100 @@ -0,0 +1,25 @@ +# OptiPNG version 0.7.1 +# Copyright (C) 2001-2012 Cosmin Truta and the Contributing Authors. +# See the accompanying LICENSE file for details. +# +# A Contributing Author is a person or company who contributed code that +# is now part of OptiPNG. +# +# For the purpose of copyright and licensing, this is the official list +# of Contributing Authors, in alphabetic order. + +Adam Ciarcinski +Brian McQuade +Elias Pipping +Fabien Barbier +Maciej Pilichowski +Matthew Fearnley +Nelson A. de Oliveira +Niels de Koning +Petr Gajdos +Piotr Bandurski +Ramona C. Truta +Sebastian Pipping +Stefan Br�ns +Till Maas +Ville Skytt� diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7/LICENSE.txt new/optipng-0.7.1/LICENSE.txt --- old/optipng-0.7/LICENSE.txt 2011-01-24 07:05:00.0 +0100 +++ new/optipng-0.7.1/LICENSE.txt 2012-03-01 04:09:00.0 +0100 @@ -1,5 +1,7 @@ -Copyright (C) 2001-2011 Cosmin Truta. +Copyright (C) 2001-2012 Cosmin Truta and the Contributing Authors. +For the purpose of copyright and licensing, the list of Contributing +Authors is available in the accompanying AUTHORS file. This software is provided 'as-is', without any express or implied warranty. In no event will the author(s) be held liable for any damages diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7/README.txt new/optipng-0.7.1/README.txt --- old/optipng-0.7/README.txt 2011-12-19 19:40:00.0 +0100 +++ new/optipng-0.7.1/README.txt2012-03-20 01:19:00.0 +0100 @@ -1,6 +1,6 @@ -OptiPNG 0.7: Advanced PNG optimizer. -Copyright (C) 2001-2011 Cosmin Truta. +OptiPNG 0.7.1: Advanced PNG optimizer. +Copyright (C) 2001-2012 Cosmin Truta. = License @@ -23,12 +23,12 @@ Build instructions -- On Unix, or under a Bourne-compatible shell, run ./configure and make: -cd optipng-0.7/ +cd optipng-0.7.1/ ./configure && make Alternatively, use a pre-configured makefile that matches your compiler; e.g.: -cd optipng-0.7/ +cd optipng-0.7.1/ nmake -f build/visualc.mk Installation instructions diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/optipng-0.7/doc/history.txt new/optipng-0.7.1/doc/history.txt --- old/optipng-0.7/doc/history.txt 2012-02-29 18:07:00.0 +0100 +++ new/optipng-0.7.1/doc/history.txt 2012-03-20 01:19:00.0 +0100 @@ -13,6 +13,12 @@ (crash, data/metadata loss or security hazard). * Other modification (e.g. architectural improvement). +Version 0.7.1 19-mar-2012 +- +!! Fixed a regre
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2012-03-02 13:49:18 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng", Maintainer is "pgaj...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2011-09-23 12:21:05.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-03-02 13:49:23.0 +0100 @@ -1,0 +2,19 @@ +Fri Mar 2 11:54:06 UTC 2012 - pgaj...@suse.com + +- updated to 0.7: + + Added the popularly-requested option -strip. + + Added the option -backup, as an alias of -keep. + + Added the option -silent, as an alias of -quiet. + - Deprecated the option -log. + * Changed the activity display output from STDOUT to STDERR. + + Allowed the option -preserve to save high-resolution timestamps + on Unix, if the POSIX-1.2008 API is available. This feature was + previously available on Windows only. + ! Fixed a minor precision error in the display of file size percents. + ! Fixed a memory leak that occurred when reading broken GIF images. + ! Fixed various build issues. +(Thanks to Sebastian Pipping and Ville Skytta for the fixes.) + * Resolved all remaining compatibility issues with libpng-1.5. +(Thanks in part to Adam Ciarcinski for the contribution.) + +--- Old: optipng-0.6.5.tar.bz2 optipng-libpng14.patch optipng-suse-paths.diff New: optipng-0.7.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.WtRMbI/_old 2012-03-02 13:49:24.0 +0100 +++ /var/tmp/diff_new_pack.WtRMbI/_new 2012-03-02 13:49:24.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,14 +23,12 @@ License:Zlib Group: Productivity/Archiving/Compression Summary:A PNG File Compressor -Version:0.6.5 +Version:0.7 Release:1 Url:http://optipng.sourceforge.net/ BuildRoot: %{_tmppath}/%{name}-%{version}-build -Source0:%name-%{version}.tar.bz2 +Source0:%name-%{version}.tar.gz Source1:macros.optipng -Patch0: %{name}-suse-paths.diff -Patch1: %{name}-libpng14.patch %description OptiPNG is a PNG optimizer that recompresses image files to a smaller @@ -46,13 +44,13 @@ %prep %setup -q -%patch0 -# upstream uses pngpriv.h from libpng, which is not allowed -%patch1 -p1 %build -./configure -with-system-zlib -with-system-libpng -prefix=/usr -make CFLAGS="$RPM_OPT_FLAGS" +export CFLAGS="$RPM_OPT_FLAGS" +./configure -with-system-zlib -with-system-libpng -prefix=%{_prefix} -mandir=%{_mandir} +#don't strip binaries +sed -i "s:\(LDFLAGS = \)-s:\1:" src/optipng/Makefile +make %install %makeinstall @@ -63,7 +61,7 @@ %files %defattr(-,root,root) -#%doc FEATURES HISTORY DESIGN TODO CAVEAT +%doc README.txt doc /usr/bin/optipng /usr/share/man/man1/optipng.1.gz /etc/rpm/macros.optipng -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at Fri Mar 4 09:38:06 CET 2011. --- optipng/optipng.changes 2010-08-23 16:48:56.0 +0200 +++ /mounts/work_src_done/STABLE/optipng/optipng.changes2011-03-03 13:03:16.0 +0100 @@ -1,0 +2,9 @@ +Thu Mar 3 12:07:53 CET 2011 - pgaj...@suse.cz + +- updated to 0.6.5: + * Fixed processing of PNG files with chunks of size 0. + * Fixed a display error in the TIFF import. + * Improved checking of the arguments of -f, -zc, -zm and -zs. + * Removed quirks from the rangeset option argument syntax. + +--- calling whatdependson for head-i586 Old: optipng-0.6.4.tar.bz2 New: optipng-0.6.5.tar.bz2 Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.FZ4Ke6/_old 2011-03-04 09:25:49.0 +0100 +++ /var/tmp/diff_new_pack.FZ4Ke6/_new 2011-03-04 09:25:49.0 +0100 @@ -1,7 +1,7 @@ # -# spec file for package optipng (Version 0.6.4) +# spec file for package optipng # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,7 +23,7 @@ License:Zlib Group: Productivity/Archiving/Compression Summary:A PNG File Compressor -Version:0.6.4 +Version:0.6.5 Release:1 Url:http://optipng.sourceforge.net/ BuildRoot: %{_tmppath}/%{name}-%{version}-build ++ optipng-0.6.4.tar.bz2 -> optipng-0.6.5.tar.bz2 ++ 37382 lines of diff (skipped) ++ optipng-libpng14.patch ++ --- /var/tmp/diff_new_pack.FZ4Ke6/_old 2011-03-04 09:25:49.0 +0100 +++ /var/tmp/diff_new_pack.FZ4Ke6/_new 2011-03-04 09:25:49.0 +0100 @@ -1,7 +1,7 @@ -Index: optipng-0.6.4/src/pngpriv.h +Index: optipng-0.6.5/src/pngpriv.h === --- /dev/null -+++ optipng-0.6.4/src/pngpriv.h optipng-0.6.5/src/pngpriv.h @@ -0,0 +1,24 @@ +#if PNG_LIBPNG_VER >= 10400 +#define PNG_FILLER 0x8000L @@ -27,17 +27,32 @@ + } +#endif + -Index: optipng-0.6.4/src/opngoptim.c +Index: optipng-0.6.5/src/cexcept.h === optipng-0.6.4.orig/src/opngoptim.c -+++ optipng-0.6.4/src/opngoptim.c -@@ -23,6 +23,9 @@ - #include "cexcept.h" - #include "cbitset.h" - #include "osys.h" -+#if PNG_LIBPNG_VER >= 10400 -+#include "pngpriv.h" -+#endif +--- optipng-0.6.5.orig/src/cexcept.h optipng-0.6.5/src/cexcept.h +@@ -191,7 +191,7 @@ is subject to change. + #define CEXCEPT_H + + +-#include ++#include + + #define define_exception_type(etype) \ + struct exception_context { \ +Index: optipng-0.6.5/src/opngreduc.c +=== +--- optipng-0.6.5.orig/src/opngreduc.c optipng-0.6.5/src/opngreduc.c +@@ -25,9 +25,9 @@ + #include "opngreduc.h" + #if PNG_LIBPNG_VER >= 10400 +-#ifdef PNG_USER_PRIVATEBUILD ++/*#ifdef PNG_USER_PRIVATEBUILD*/ + #include "pngpriv.h" +-#endif ++/*#endif*/ + #endif - /* + #ifndef OPNG_ASSERT Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org