diff --git a/ANNOUNCE b/ANNOUNCE index 6374c3845..603b2df48 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,13 +1,5 @@ -libpng 1.6.47.git -================= - -This is a development version, not intended to be a public release. -It will be replaced by a public release, or by another development -version, at a later time. - - -libpng 1.6.46 - January 23, 2025 -================================ +libpng 1.6.47 - February 18, 2025 +================================= This is a public release of libpng, intended for use in production code. @@ -17,13 +9,13 @@ Files available for download Source files with LF line endings (for Unix/Linux): - * libpng-1.6.46.tar.xz (LZMA-compressed, recommended) - * libpng-1.6.46.tar.gz (deflate-compressed) + * libpng-1.6.47.tar.xz (LZMA-compressed, recommended) + * libpng-1.6.47.tar.gz (deflate-compressed) Source files with CRLF line endings (for Windows): - * lpng1646.7z (LZMA-compressed, recommended) - * lpng1646.zip (deflate-compressed) + * lpng1647.7z (LZMA-compressed, recommended) + * lpng1647.zip (deflate-compressed) Other information: @@ -33,17 +25,19 @@ Other information: * TRADEMARK.md -Changes from version 1.6.45 to version 1.6.46 +Changes from version 1.6.46 to version 1.6.47 --------------------------------------------- - * Added support for the mDCV and cLLI chunks. + * Modified the behaviour of colorspace chunks in order to adhere + to the new precedence rules formulated in the latest draft of + the PNG Specification. (Contributed by John Bowler) - * Fixed a build issue affecting C89 compilers. - This was a regression introduced in libpng-1.6.45. - (Contributed by John Bowler) - * Added makefile.c89, specifically for testing C89 compilers. - * Cleaned up contrib/pngminus: corrected an old typo, removed an old - workaround, and updated the CMake file. + * Fixed a latent bug in `png_write_iCCP`. + This would have been a read-beyond-end-of-malloc vulnerability, + introduced early in the libpng-1.6.0 development, yet (fortunately!) + it was inaccessible before the above-mentioned modification of the + colorspace precedence rules, due to pre-existing colorspace checks. + (Reported by Bob Friesenhahn; fixed by John Bowler) Send comments/corrections/commendations to png-mng-implement at lists.sf.net. diff --git a/CHANGES b/CHANGES index 3effdb3ba..834b5e192 100644 --- a/CHANGES +++ b/CHANGES @@ -6239,7 +6239,17 @@ Version 1.6.46 [January 23, 2025] Cleaned up contrib/pngminus: corrected an old typo, removed an old workaround, and updated the CMake file. -Version 1.6.47 [TODO] +Version 1.6.47 [February 18, 2025] + Modified the behaviour of colorspace chunks in order to adhere + to the new precedence rules formulated in the latest draft of + the PNG Specification. + (Contributed by John Bowler) + Fixed a latent bug in `png_write_iCCP`. + This would have been a read-beyond-end-of-malloc vulnerability, + introduced early in the libpng-1.6.0 development, yet (fortunately!) + it was inaccessible before the above-mentioned modification of the + colorspace precedence rules, due to pre-existing colorspace checks. + (Reported by Bob Friesenhahn; fixed by John Bowler) Send comments/corrections/commendations to png-mng-implement at lists.sf.net. Subscription is required; visit diff --git a/CMakeLists.txt b/CMakeLists.txt index 281819a10..4a97bd50e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -19,8 +19,8 @@ cmake_minimum_required(VERSION 3.14) set(PNGLIB_MAJOR 1) set(PNGLIB_MINOR 6) set(PNGLIB_REVISION 47) -#set(PNGLIB_SUBREVISION 0) -set(PNGLIB_SUBREVISION "git") +set(PNGLIB_SUBREVISION 0) +#set(PNGLIB_SUBREVISION "git") set(PNGLIB_VERSION ${PNGLIB_MAJOR}.${PNGLIB_MINOR}.${PNGLIB_REVISION}) set(PNGLIB_ABI_VERSION ${PNGLIB_MAJOR}${PNGLIB_MINOR}) set(PNGLIB_SHARED_VERSION ${PNGLIB_ABI_VERSION}.${PNGLIB_REVISION}.${PNGLIB_SUBREVISION}) diff --git a/README b/README index 11fea0d24..57952fb21 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ -README for libpng version 1.6.47.git -==================================== +README for libpng version 1.6.47 +================================ See the note about version numbers near the top of `png.h`. See `INSTALL` for instructions on how to install libpng. diff --git a/configure b/configure index 7eb52581e..bd274ab9f 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.72 for libpng 1.6.47.git. +# Generated by GNU Autoconf 2.72 for libpng 1.6.47. # # Report bugs to . # @@ -614,8 +614,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libpng' PACKAGE_TARNAME='libpng' -PACKAGE_VERSION='1.6.47.git' -PACKAGE_STRING='libpng 1.6.47.git' +PACKAGE_VERSION='1.6.47' +PACKAGE_STRING='libpng 1.6.47' PACKAGE_BUGREPORT='png-mng-implement@lists.sourceforge.net' PACKAGE_URL='' @@ -1421,7 +1421,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -'configure' configures libpng 1.6.47.git to adapt to many kinds of systems. +'configure' configures libpng 1.6.47 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1492,7 +1492,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libpng 1.6.47.git:";; + short | recursive ) echo "Configuration of libpng 1.6.47:";; esac cat <<\_ACEOF @@ -1689,7 +1689,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libpng configure 1.6.47.git +libpng configure 1.6.47 generated by GNU Autoconf 2.72 Copyright (C) 2023 Free Software Foundation, Inc. @@ -1952,7 +1952,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libpng $as_me 1.6.47.git, which was +It was created by libpng $as_me 1.6.47, which was generated by GNU Autoconf 2.72. Invocation command line was $ $0$ac_configure_args_raw @@ -3433,7 +3433,7 @@ fi # Define the identity of the package. PACKAGE='libpng' - VERSION='1.6.47.git' + VERSION='1.6.47' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -3528,7 +3528,7 @@ fi -PNGLIB_VERSION=1.6.47.git +PNGLIB_VERSION=1.6.47 PNGLIB_MAJOR=1 PNGLIB_MINOR=6 PNGLIB_RELEASE=47 @@ -16165,7 +16165,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libpng $as_me 1.6.47.git, which was +This file was extended by libpng $as_me 1.6.47, which was generated by GNU Autoconf 2.72. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -16233,7 +16233,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -libpng config.status 1.6.47.git +libpng config.status 1.6.47 configured by $0, generated by GNU Autoconf 2.72, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 9a713c79a..df48325e0 100644 --- a/configure.ac +++ b/configure.ac @@ -25,7 +25,7 @@ AC_PREREQ([2.68]) dnl Version number stuff here: -AC_INIT([libpng],[1.6.47.git],[png-mng-implement@lists.sourceforge.net]) +AC_INIT([libpng],[1.6.47],[png-mng-implement@lists.sourceforge.net]) AC_CONFIG_MACRO_DIR([scripts/autoconf]) # libpng does not follow GNU file name conventions (hence 'foreign') @@ -46,7 +46,7 @@ dnl automake, so the following is not necessary (and is not defined anyway): dnl AM_PREREQ([1.11.2]) dnl stop configure from automagically running automake -PNGLIB_VERSION=1.6.47.git +PNGLIB_VERSION=1.6.47 PNGLIB_MAJOR=1 PNGLIB_MINOR=6 PNGLIB_RELEASE=47 diff --git a/libpng-manual.txt b/libpng-manual.txt index e81e477c1..862fe2c5d 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -9,7 +9,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng version 1.6.36, December 2018, through 1.6.46 - January 2025 + libpng version 1.6.36, December 2018, through 1.6.47 - February 2025 Updated and distributed by Cosmin Truta Copyright (c) 2018-2025 Cosmin Truta diff --git a/libpng.3 b/libpng.3 index a23193be1..923b6772e 100644 --- a/libpng.3 +++ b/libpng.3 @@ -1,6 +1,6 @@ -.TH LIBPNG 3 "January 23, 2025" +.TH LIBPNG 3 "February 18, 2025" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.6.46 +libpng \- Portable Network Graphics (PNG) Reference Library 1.6.47 .SH SYNOPSIS \fB#include \fP @@ -528,7 +528,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng version 1.6.36, December 2018, through 1.6.46 - January 2025 + libpng version 1.6.36, December 2018, through 1.6.47 - February 2025 Updated and distributed by Cosmin Truta Copyright (c) 2018-2025 Cosmin Truta diff --git a/libpngpf.3 b/libpngpf.3 index d5262c4b0..9c4dda2a6 100644 --- a/libpngpf.3 +++ b/libpngpf.3 @@ -1,6 +1,6 @@ -.TH LIBPNGPF 3 "January 23, 2025" +.TH LIBPNGPF 3 "February 18, 2025" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.6.46 +libpng \- Portable Network Graphics (PNG) Reference Library 1.6.47 (private functions) .SH SYNOPSIS diff --git a/png.5 b/png.5 index 31075deff..ee4a2b20d 100644 --- a/png.5 +++ b/png.5 @@ -1,4 +1,4 @@ -.TH PNG 5 "January 23, 2025" +.TH PNG 5 "February 18, 2025" .SH NAME png \- Portable Network Graphics (PNG) format diff --git a/png.c b/png.c index d28dbcbb1..6d533ec40 100644 --- a/png.c +++ b/png.c @@ -13,7 +13,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_47_git Your_png_h_is_not_version_1_6_47_git; +typedef png_libpng_version_1_6_47 Your_png_h_is_not_version_1_6_47; /* Sanity check the chunks definitions - PNG_KNOWN_CHUNKS from pngpriv.h and the * corresponding macro definitions. This causes a compile time failure if @@ -815,7 +815,7 @@ png_get_copyright(png_const_structrp png_ptr) return PNG_STRING_COPYRIGHT #else return PNG_STRING_NEWLINE \ - "libpng version 1.6.47.git" PNG_STRING_NEWLINE \ + "libpng version 1.6.47" PNG_STRING_NEWLINE \ "Copyright (c) 2018-2025 Cosmin Truta" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ diff --git a/png.h b/png.h index 61412c4cb..9b069e4ee 100644 --- a/png.h +++ b/png.h @@ -1,6 +1,6 @@ /* png.h - header file for PNG reference library * - * libpng version 1.6.47.git + * libpng version 1.6.47 * * Copyright (c) 2018-2025 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson @@ -14,7 +14,7 @@ * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger * libpng versions 0.97, January 1998, through 1.6.35, July 2018: * Glenn Randers-Pehrson - * libpng versions 1.6.36, December 2018, through 1.6.46, January 2025: + * libpng versions 1.6.36, December 2018, through 1.6.47, February 2025: * Cosmin Truta * See also "Contributing Authors", below. */ @@ -238,7 +238,7 @@ * ... * 1.5.30 15 10530 15.so.15.30[.0] * ... - * 1.6.46 16 10646 16.so.16.46[.0] + * 1.6.47 16 10647 16.so.16.47[.0] * * Henceforth the source version will match the shared-library major and * minor numbers; the shared-library major version number will be used for @@ -274,7 +274,7 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.6.47.git" +#define PNG_LIBPNG_VER_STRING "1.6.47" #define PNG_HEADER_VERSION_STRING " libpng version " PNG_LIBPNG_VER_STRING "\n" /* The versions of shared library builds should stay in sync, going forward */ @@ -290,7 +290,7 @@ /* This should be zero for a public release, or non-zero for a * development version. */ -#define PNG_LIBPNG_VER_BUILD 1 +#define PNG_LIBPNG_VER_BUILD 0 /* Release Status */ #define PNG_LIBPNG_BUILD_ALPHA 1 @@ -307,7 +307,7 @@ #define PNG_LIBPNG_BUILD_SPECIAL 32 /* Cannot be OR'ed with PNG_LIBPNG_BUILD_PRIVATE */ -#define PNG_LIBPNG_BUILD_BASE_TYPE PNG_LIBPNG_BUILD_BETA +#define PNG_LIBPNG_BUILD_BASE_TYPE PNG_LIBPNG_BUILD_STABLE /* Careful here. At one time, Guy wanted to use 082, but that * would be octal. We must not include leading zeros. @@ -316,7 +316,7 @@ * From version 1.0.1 it is: * XXYYZZ, where XX=major, YY=minor, ZZ=release */ -#define PNG_LIBPNG_VER 10647 /* 1.6.47.git */ +#define PNG_LIBPNG_VER 10647 /* 1.6.47 */ /* Library configuration: these options cannot be changed after * the library has been built. @@ -426,7 +426,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_6_47_git; +typedef char* png_libpng_version_1_6_47; /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. * diff --git a/pngconf.h b/pngconf.h index 4e209fd0c..42fa973c2 100644 --- a/pngconf.h +++ b/pngconf.h @@ -1,6 +1,6 @@ /* pngconf.h - machine-configurable file for libpng * - * libpng version 1.6.47.git + * libpng version 1.6.47 * * Copyright (c) 2018-2025 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson diff --git a/pngtest.c b/pngtest.c index e126049f6..1975b4b68 100644 --- a/pngtest.c +++ b/pngtest.c @@ -50,7 +50,7 @@ #define STDERR stdout /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_47_git Your_png_h_is_not_version_1_6_47_git; +typedef png_libpng_version_1_6_47 Your_png_h_is_not_version_1_6_47; /* Ensure that all version numbers in png.h are consistent with one another. */ #if (PNG_LIBPNG_VER != PNG_LIBPNG_VER_MAJOR * 10000 + \ diff --git a/scripts/libpng-config-head.in b/scripts/libpng-config-head.in index 0d29c4946..12574fcab 100644 --- a/scripts/libpng-config-head.in +++ b/scripts/libpng-config-head.in @@ -11,7 +11,7 @@ # Modeled after libxml-config. -version=1.6.47.git +version=1.6.47 prefix="" libdir="" libs="" diff --git a/scripts/libpng.pc.in b/scripts/libpng.pc.in index 5efd0942d..10e29bfbd 100644 --- a/scripts/libpng.pc.in +++ b/scripts/libpng.pc.in @@ -5,6 +5,6 @@ includedir=@includedir@/libpng16 Name: libpng Description: Loads and saves PNG files -Version: 1.6.47.git +Version: 1.6.47 Libs: -L${libdir} -lpng16 Cflags: -I${includedir} diff --git a/scripts/pnglibconf.h.prebuilt b/scripts/pnglibconf.h.prebuilt index 36b9b9a53..748220bfc 100644 --- a/scripts/pnglibconf.h.prebuilt +++ b/scripts/pnglibconf.h.prebuilt @@ -1,6 +1,6 @@ /* pnglibconf.h - library build configuration */ -/* libpng version 1.6.47.git */ +/* libpng version 1.6.47 */ /* Copyright (c) 2018-2025 Cosmin Truta */ /* Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson */