diff options
Diffstat (limited to 'ANNOUNCE')
| -rw-r--r-- | ANNOUNCE | 85 |
1 files changed, 55 insertions, 30 deletions
@@ -1,47 +1,72 @@ -Libpng 1.6.20 - December 3, 2015 +Libpng 1.6.22beta03 - February 19, 2016 -This is a public release of libpng, intended for use in production codes. +This is not intended to be a public release. It will be replaced +within a few weeks by a public version or by another test version. Files available for download: Source files with LF line endings (for Unix/Linux) and with a "configure" script - libpng-1.6.20.tar.xz (LZMA-compressed, recommended) - libpng-1.6.20.tar.gz + 1.6.22beta03.tar.xz (LZMA-compressed, recommended) + 1.6.22beta03.tar.gz Source files with CRLF line endings (for Windows), without the "configure" script - /scratch/glennrp/Libpng16/lpng1620.7z (LZMA-compressed, recommended) - /scratch/glennrp/Libpng16/lpng1620.zip + lp1622b03.7z (LZMA-compressed, recommended) + lp1622b03.zip Other information: - libpng-1.6.20-README.txt - libpng-1.6.20-LICENSE.txt - libpng-1.6.20-*.asc (armored detached GPG signatures) - -Changes since the last public release (1.6.19): - Avoid potential pointer overflow/underflow in png_handle_sPLT() and - png_handle_pCAL() (Bug report by John Regehr). - Fixed incorrect implementation of png_set_PLTE() that uses png_ptr - not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 - vulnerability. - Backported tests from libpng-1.7.0beta69. - Fixed an error in handling of bad zlib CMINFO field in pngfix, found by - American Fuzzy Lop, reported by Brian Carpenter. inflate() doesn't - immediately fault a bad CMINFO field; instead a 'too far back' error - happens later (at least some times). pngfix failed to limit CMINFO to - the allowed values but then assumed that window_bits was in range, - triggering an assert. The bug is mostly harmless; the PNG file cannot - be fixed. - In libpng 1.6 zlib initialization was changed to use the window size - in the zlib stream, not a fixed value. This causes some invalid images, - where CINFO is too large, to display 'correctly' if the rest of the - data is valid. This provides a workaround for zlib versions where the - error arises (ones that support the API change to use the window size - in the stream). + 1.6.22beta03-README.txt + 1.6.22beta03-LICENSE.txt + libpng-1.6.22beta03-*.asc (armored detached GPG signatures) + +Changes since the last public release (1.6.21): + +Version 1.6.22beta01 [January 23, 2016] + Changed PNG_USE_MKSTEMP to __COVERITY__ to select alternate + "tmpfile()" implementation in contrib/libtests/pngstest.c + Fixed NO_STDIO build of pngunknown.c to skip calling png_init_io() + if there is no stdio.h support. + Added a png_image_write_to_memory() API and a number of assist macros + to allow an application that uses the simplified API write to bypass + stdio and write directly to memory. + Added some warnings (png.h) and some check code to detect *possible* + overflow in the ROW_STRIDE and simplified image SIZE macros. This + disallows image width/height/format that *might* overflow. This is + a quiet API change that limits in-memory image size (uncompressed) to + less than 4GByte and image row size (stride) to less than 2GByte. + Revised workaround for false-positive Coverity issue in pngvalid.c. + +Version 1.6.22beta02 [February 8, 2016] + Only use exit(77) in configure builds. + Corrected error in PNG_IMAGE_PNG_SIZE_MAX. This new macro underreported + the palette size because it failed to take into account that the memory + palette has to be expanded to full RGB when it is written to PNG. + Updated CMakeLists.txt, added supporting scripts/gen*.cmake.in + and test.cmake.in (Roger Leigh). + Relaxed limit checks on gamma values in pngrtran.c. As suggested in + the comments gamma values outside the range currently permitted + by png_set_alpha_mode are useful for HDR data encoding. These values + are already permitted by png_set_gamma so it is reasonable caution to + extend the png_set_alpha_mode range as HDR imaging systems are starting + to emerge. + +Version 1.6.22beta03 [February 19, 2016] + Added a common-law trademark notice and export control information + to the LICENSE file, png.h, and the man page. + Restored "& 0xff" in png_save_uint_16() and png_save_uint_32() that + were accidentally removed from libpng-1.6.17. + Changed PNG_INFO_cHNK and PNG_FREE_cHNK from 0xnnnn to 0xnnnnU in png.h + (Robert C. Seacord). + Removed dubious "#if INT_MAX" test from png.h that was added to + libpng-1.6.19beta02 (John Bowler). + Add ${INCLUDES} in scripts/genout.cmake.in (Bug report by Nixon Kwok). + Updated LICENSE to say files in the contrib directory are not + necessarily under the libpng license, and that some makefiles have + other copyright owners. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit |