Overview

Request 694559 superseded

- version update to 1.6.37
Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
Fixed a memory leak in pngtest.c.
Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
contrib/pngminus; refactor.
Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
(Contributed by Willem van Schaik)
Added makefiles for AddressSanitizer-enabled builds.
- deleted patches
- libpng-arm-free.patch (upstreamed)

Request History
Petr Gajdos's avatar

pgajdos created request

- version update to 1.6.37
Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
Fixed a memory leak in pngtest.c.
Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
contrib/pngminus; refactor.
Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
(Contributed by Willem van Schaik)
Added makefiles for AddressSanitizer-enabled builds.
- deleted patches
- libpng-arm-free.patch (upstreamed)

Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources

Factory Auto's avatar

factory-auto accepted review

Check script succeeded

Jan Engelhardt's avatar

jengelh accepted review

Staging Bot's avatar

staging-bot set openSUSE:Factory:Staging:H as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:H"

Staging Bot's avatar

staging-bot accepted review

Picked openSUSE:Factory:Staging:H

Petr Gajdos's avatar

pgajdos superseded request

superseded by 694940

openSUSE Build Service is sponsored by
Places