diff --git a/ANNOUNCE b/ANNOUNCE
index 9d37c7044..4fd8c8cd1 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE
@@ -1,5 +1,5 @@
-Libpng 1.7.0beta25 - December 15, 2013
+Libpng 1.7.0beta25 - December 20, 2013
 This is not intended to be a public release. It will be replaced within a few weeks by a public version or by another test version.
@@ -459,9 +459,11 @@ Version 1.7.0beta24 [December 15, 2013]
 Handle zero-length PLTE chunk or NULL palette with png_error() instead of png_chunk_report(), which by default issues a warning rather than an error, leading to later reading from a NULL pointer
- (png_ptr->palette) in png_do_expand_palette().
+ (png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
+ and VU#650142.
-Version 1.7.0beta25 [December 15, 2013]
+Version 1.7.0beta25 [December 20, 2013]
+ Merged files with version 1.6.8 that have not changed since then.
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit
diff --git a/CHANGES b/CHANGES
index b7c356025..9c5e05961 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4748,9 +4748,11 @@ Version 1.7.0beta24 [December 15, 2013]
 Handle zero-length PLTE chunk or NULL palette with png_error() instead of png_chunk_report(), which by default issues a warning rather than an error, leading to later reading from a NULL pointer
- (png_ptr->palette) in png_do_expand_palette().
+ (png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
+ and VU#650142.
-Version 1.7.0beta25 [December 15, 2013]
+Version 1.7.0beta25 [December 20, 2013]
+ Merged files with version 1.6.8 that have not changed since then.
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit
diff --git a/contrib/libtests/gentests.sh b/contrib/libtests/gentests.sh
index c3698a85e..f0f8d2395 100755
--- a/contrib/libtests/gentests.sh
+++ b/contrib/libtests/gentests.sh
@@ -1,8 +1,8 @@
 #!/bin/sh
 #
-# Copyright (c) 2012 John Cunningham Bowler
+# Copyright (c) 2013 John Cunningham Bowler
 #
-# Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+# Last changed in libpng 1.6.0 [February 14, 2013]
 #
 # This code is released under the libpng license.
 # For conditions of distribution and use, see the disclaimer
diff --git a/contrib/libtests/makepng.c b/contrib/libtests/makepng.c
index 544a44ba4..9f11b2964 100644
--- a/contrib/libtests/makepng.c
+++ b/contrib/libtests/makepng.c
@@ -1,8 +1,8 @@
 /* makepng.c
  *
- * Copyright (c) 2012 John Cunningham Bowler
+ * Copyright (c) 2013 John Cunningham Bowler
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.1 [March 28, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/libtests/pngstest.c b/contrib/libtests/pngstest.c
index 759028e34..d20e8f224 100644
--- a/contrib/libtests/pngstest.c
+++ b/contrib/libtests/pngstest.c
@@ -1,9 +1,9 @@
 /*-
  * pngstest.c
  *
- * Copyright (c) 2012 John Cunningham Bowler
+ * Copyright (c) 2013 John Cunningham Bowler
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.8 [December 19, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/libtests/tarith.c b/contrib/libtests/tarith.c
index a006d2922..cdb00dbf7 100644
--- a/contrib/libtests/tarith.c
+++ b/contrib/libtests/tarith.c
@@ -1,9 +1,9 @@
 /* tarith.c
  *
- * Copyright (c) 2011,2012 John Cunningham Bowler
+ * Copyright (c) 2011-2013 John Cunningham Bowler
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.0 [February 14, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/libtests/timepng.c b/contrib/libtests/timepng.c
index 65ddff543..7c937971c 100644
--- a/contrib/libtests/timepng.c
+++ b/contrib/libtests/timepng.c
@@ -1,8 +1,8 @@
 /* timepng.c
  *
- * Copyright (c) 2012 John Cunningham Bowler
+ * Copyright (c) 2013 John Cunningham Bowler
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.1 [March 28, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/pngminim/decoder/pngusr.dfa b/contrib/pngminim/decoder/pngusr.dfa
index cae307f39..4f402721a 100644
--- a/contrib/pngminim/decoder/pngusr.dfa
+++ b/contrib/pngminim/decoder/pngusr.dfa
@@ -1,6 +1,6 @@
 # pngminim/decoder/pngusr.dfa
 #
-# Copyright (c) 2010-2011 Glenn Randers-Pehrson
+# Copyright (c) 2010-2013 Glenn Randers-Pehrson
 #
 # This code is released under the libpng license.
 # For conditions of distribution and use, see the disclaimer
diff --git a/contrib/pngminim/decoder/pngusr.h b/contrib/pngminim/decoder/pngusr.h
index 9d9c50c40..841da0c28 100644
--- a/contrib/pngminim/decoder/pngusr.h
+++ b/contrib/pngminim/decoder/pngusr.h
@@ -1,6 +1,6 @@
 /* minrdpngconf.h: headers to make a minimal png-read-only library
  *
- * Copyright (c) 2007, 2010-2011 Glenn Randers-Pehrson
+ * Copyright (c) 2007, 2010-2013 Glenn Randers-Pehrson
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/pngminim/encoder/pngusr.dfa b/contrib/pngminim/encoder/pngusr.dfa
index c5e51c870..1fc24f3f2 100644
--- a/contrib/pngminim/encoder/pngusr.dfa
+++ b/contrib/pngminim/encoder/pngusr.dfa
@@ -1,6 +1,6 @@
 # pngminim/encoder/pngusr.dfa
 #
-# Copyright (c) 2010-2011 Glenn Randers-Pehrson
+# Copyright (c) 2010-2013 Glenn Randers-Pehrson
 #
 # This code is released under the libpng license.
 # For conditions of distribution and use, see the disclaimer
diff --git a/contrib/pngminim/encoder/pngusr.h b/contrib/pngminim/encoder/pngusr.h
index 2033aadb2..a050ef3eb 100644
--- a/contrib/pngminim/encoder/pngusr.h
+++ b/contrib/pngminim/encoder/pngusr.h
@@ -1,6 +1,6 @@
 /* minwrpngconf.h: headers to make a minimal png-write-only library
  *
- * Copyright (c) 2007, 2010-2011 Glenn Randers-Pehrson
+ * Copyright (c) 2007, 2010-2013 Glenn Randers-Pehrson
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/pngminim/preader/pngusr.dfa b/contrib/pngminim/preader/pngusr.dfa
index 216c421ca..ac297f41b 100644
--- a/contrib/pngminim/preader/pngusr.dfa
+++ b/contrib/pngminim/preader/pngusr.dfa
@@ -1,6 +1,6 @@
 # pngminim/preader/pngusr.dfa
 #
-# Copyright (c) 2010-2011 Glenn Randers-Pehrson
+# Copyright (c) 2010-2013 Glenn Randers-Pehrson
 #
 # This code is released under the libpng license.
 # For conditions of distribution and use, see the disclaimer
diff --git a/contrib/pngminim/preader/pngusr.h b/contrib/pngminim/preader/pngusr.h
index 73cfecfbf..d84863472 100644
--- a/contrib/pngminim/preader/pngusr.h
+++ b/contrib/pngminim/preader/pngusr.h
@@ -1,6 +1,6 @@
 /* minrdpngconf.h: headers to make a minimal png-read-only library
  *
- * Copyright (c) 2009, 2010-2011 Glenn Randers-Pehrson
+ * Copyright (c) 2009, 2010-2013 Glenn Randers-Pehrson
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/tools/checksum-icc.c b/contrib/tools/checksum-icc.c
index 74b3c3f03..581e7088a 100644
--- a/contrib/tools/checksum-icc.c
+++ b/contrib/tools/checksum-icc.c
@@ -1,8 +1,8 @@
 /* checksum-icc.c
  *
- * Copyright (c) 2012 John Cunningham Bowler
+ * Copyright (c) 2013 John Cunningham Bowler
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.0 [February 14, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/tools/cvtcolor.c b/contrib/tools/cvtcolor.c
index b3776236b..e6793c7d5 100644
--- a/contrib/tools/cvtcolor.c
+++ b/contrib/tools/cvtcolor.c
@@ -1,9 +1,9 @@
 /*-
  * convert.c
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.0 [February 14, 2013]
  *
- * COPYRIGHT: Written by John Cunningham Bowler, 2012.
+ * COPYRIGHT: Written by John Cunningham Bowler, 2013.
  * To the extent possible under law, the author has waived all copyright and
  * related or neighboring rights to this work. This work is published from:
  * United States.
diff --git a/contrib/tools/intgamma.sh b/contrib/tools/intgamma.sh
index 36a66d3be..41c5d6dd2 100644
--- a/contrib/tools/intgamma.sh
+++ b/contrib/tools/intgamma.sh
@@ -2,9 +2,9 @@
 #
 # intgamma.sh
 #
-# Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+# Last changed in libpng 1.6.0 [February 14, 2013]
 #
-# COPYRIGHT: Written by John Cunningham Bowler, 2012.
+# COPYRIGHT: Written by John Cunningham Bowler, 2013.
 # To the extent possible under law, the author has waived all copyright and
 # related or neighboring rights to this work. This work is published from:
 # United States.
diff --git a/contrib/tools/makesRGB.c b/contrib/tools/makesRGB.c
index 0f7e7c7b4..e66c9f157 100644
--- a/contrib/tools/makesRGB.c
+++ b/contrib/tools/makesRGB.c
@@ -1,8 +1,8 @@
 /* makesRGB.c -- build sRGB-to-linear and linear-to-sRGB conversion tables
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.0 [February 14, 2013]
  *
- * COPYRIGHT: Written by John Cunningham Bowler, 2012.
+ * COPYRIGHT: Written by John Cunningham Bowler, 2013.
  * To the extent possible under law, the author has waived all copyright and
  * related or neighboring rights to this work. This work is published from:
  * United States.
diff --git a/contrib/tools/png-fix-itxt.c b/contrib/tools/png-fix-itxt.c
index e55da55f8..1210bd9c8 100644
--- a/contrib/tools/png-fix-itxt.c
+++ b/contrib/tools/png-fix-itxt.c
@@ -2,7 +2,7 @@
 /* png-fix-itxt version 1.0.0
  *
  * Copyright 2013 Glenn Randers-Pehrson
- * Last changed in libpng 1.6.3 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.3 [July 18, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/tools/pngfix.c b/contrib/tools/pngfix.c
index 2b6b9dce1..245adb6f2 100644
--- a/contrib/tools/pngfix.c
+++ b/contrib/tools/pngfix.c
@@ -2,7 +2,7 @@
  *
  * Copyright (c) 2013 John Cunningham Bowler
  *
- * Last changed in libpng 1.6.8 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.8 [December 19, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/contrib/tools/sRGB.h b/contrib/tools/sRGB.h
index 3b192bb39..22c8f7c0e 100644
--- a/contrib/tools/sRGB.h
+++ b/contrib/tools/sRGB.h
@@ -1,9 +1,9 @@
 /*-
  * sRGB.h
  *
- * Last changed in libpng 1.6.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.0 [February 14, 2013]
  *
- * COPYRIGHT: Written by John Cunningham Bowler, 2012.
+ * COPYRIGHT: Written by John Cunningham Bowler, 2013.
  * To the extent possible under law, the author has waived all copyright and
  * related or neighboring rights to this work. This work is published from:
  * United States.
diff --git a/example.c b/example.c
index c1534938e..9cc53d43d 100644
--- a/example.c
+++ b/example.c
@@ -2,7 +2,7 @@
 #if 0 /* in case someone actually tries to compile this */
 /* example.c - an example of using libpng
- * Last changed in libpng 1.6.3 [(PENDING RELEASE)]
+ * Last changed in libpng 1.7.0 [(PENDING RELEASE)]
  * Maintained 1998-2013 Glenn Randers-Pehrson
  * Maintained 1996, 1997 Andreas Dilger)
  * Written 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
diff --git a/png.c b/png.c
index fff9d87c2..d98b8e3bc 100644
--- a/png.c
+++ b/png.c
@@ -696,13 +696,13 @@ png_get_copyright(png_const_structrp png_ptr)
 #else
 # ifdef __STDC__
 return PNG_STRING_NEWLINE \
- "libpng version 1.7.0beta25 - December 15, 2013" PNG_STRING_NEWLINE \
+ "libpng version 1.7.0beta25 - December 20, 2013" PNG_STRING_NEWLINE \
 "Copyright (c) 1998-2013 Glenn Randers-Pehrson" PNG_STRING_NEWLINE \
 "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \
 "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \
 PNG_STRING_NEWLINE;
 # else
- return "libpng version 1.7.0beta25 - December 15, 2013\
+ return "libpng version 1.7.0beta25 - December 20, 2013\
 Copyright (c) 1998-2013 Glenn Randers-Pehrson\
 Copyright (c) 1996-1997 Andreas Dilger\
 Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc.";
diff --git a/png.h b/png.h
index 8821f40a1..1482b0246 100644
--- a/png.h
+++ b/png.h
@@ -1,7 +1,7 @@
 /* png.h - header file for PNG reference library
  *
- * libpng version 1.7.0beta25 - December 15, 2013
+ * libpng version 1.7.0beta25 - December 20, 2013
  * Copyright (c) 1998-2013 Glenn Randers-Pehrson
  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
  * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
@@ -11,7 +11,7 @@
  * Authors and maintainers:
  * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat
  * libpng versions 0.89c, June 1996, through 0.96, May 1997: Andreas Dilger
- * libpng versions 0.97, January 1998, through 1.7.0beta25 - December 15, 2013: Glenn
+ * libpng versions 0.97, January 1998, through 1.7.0beta25 - December 20, 2013: Glenn
  * See also "Contributing Authors", below.
  *
  * Note about libpng version numbers:
@@ -200,7 +200,7 @@
  *
  * This code is released under the libpng license.
  *
- * libpng versions 1.2.6, August 15, 2004, through 1.7.0beta25, December 15, 2013, are
+ * libpng versions 1.2.6, August 15, 2004, through 1.7.0beta25, December 20, 2013, are
  * Copyright (c) 2004, 2006-2013 Glenn Randers-Pehrson, and are
  * distributed according to the same disclaimer and license as libpng-1.2.5
  * with the following individual added to the list of Contributing Authors:
@@ -312,7 +312,7 @@
  * Y2K compliance in libpng:
  * =========================
  *
- * December 15, 2013
+ * December 20, 2013
  *
  * Since the PNG Development group is an ad-hoc body, we can't make
  * an official declaration.
@@ -380,7 +380,7 @@
 /* Version information for png.h - this should match the version in png.c */
 #define PNG_LIBPNG_VER_STRING "1.7.0beta25"
 #define PNG_HEADER_VERSION_STRING \
- " libpng version 1.7.0beta25 - December 15, 2013\n"
+ " libpng version 1.7.0beta25 - December 20, 2013\n"
 #define PNG_LIBPNG_VER_SONUM 17
 #define PNG_LIBPNG_VER_DLLNUM 17
diff --git a/pngconf.h b/pngconf.h
index 2d8d2afe1..16c6788f3 100644
--- a/pngconf.h
+++ b/pngconf.h
@@ -1,7 +1,7 @@
 /* pngconf.h - machine configurable file for libpng
  *
- * libpng version 1.7.0beta25 - December 15, 2013
+ * libpng version 1.7.0beta25 - December 20, 2013
  *
  * Copyright (c) 1998-2013 Glenn Randers-Pehrson
  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
diff --git a/pngdebug.h b/pngdebug.h
index 45e12760c..b43c59cde 100644
--- a/pngdebug.h
+++ b/pngdebug.h
@@ -5,7 +5,7 @@
  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
  * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
  *
- * Last changed in libpng 1.5.18 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.8 [December 19, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
diff --git a/pngerror.c b/pngerror.c
index 1297b4d87..02b7ffcb7 100644
--- a/pngerror.c
+++ b/pngerror.c
@@ -163,7 +163,7 @@ png_format_number(png_const_charp start, png_charp end, int format,
 case PNG_NUMBER_FORMAT_02u:
 /* Expects at least 2 digits. */
 mincount = 2;
- /* fall through */
+ /* FALL THROUGH */
 case PNG_NUMBER_FORMAT_u:
 *--end = digits[number % 10];
@@ -173,7 +173,7 @@ png_format_number(png_const_charp start, png_charp end, int format,
 case PNG_NUMBER_FORMAT_02x:
 /* This format expects at least two digits */
 mincount = 2;
- /* fall through */
+ /* FALL THROUGH */
 case PNG_NUMBER_FORMAT_x:
 *--end = digits[number & 0xf];
diff --git a/pnginfo.h b/pnginfo.h
index b60ac72a7..26bf26502 100644
--- a/pnginfo.h
+++ b/pnginfo.h
@@ -1,11 +1,11 @@
 /* pnginfo.h - header file for PNG reference library
  *
- * Copyright (c) 1998-2011 Glenn Randers-Pehrson
+ * Copyright (c) 1998-2013 Glenn Randers-Pehrson
  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
  * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
  *
- * Last changed in libpng 1.5.0 [January 6, 2011]
+ * Last changed in libpng 1.6.1 [March 28, 2013]
  *
  * This code is released under the libpng license.
  * For conditions of distribution and use, see the disclaimer
@@ -223,13 +223,17 @@ defined(PNG_READ_BACKGROUND_SUPPORTED)
 #ifdef PNG_STORE_UNKNOWN_CHUNKS_SUPPORTED
 /* Storage for unknown chunks that the library doesn't recognize. */
 png_unknown_chunkp unknown_chunks;
+
+ /* The type of this field is limited by the type of
+ * png_struct::user_chunk_cache_max, else overflow can occur.
+ */
 int unknown_chunks_num;
 #endif
 #ifdef PNG_sPLT_SUPPORTED
 /* Data on sPLT chunks (there may be more than one). */
 png_sPLT_tp splt_palettes;
- int splt_palettes_num;
+ int splt_palettes_num; /* Match type returned by png_get API */
 #endif
 #ifdef PNG_sCAL_SUPPORTED
diff --git a/pngwtran.c b/pngwtran.c
index 7e3ef9081..210a4153a 100644
--- a/pngwtran.c
+++ b/pngwtran.c
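Review bot: The comment added above `int unknown_chunks_num;` in the second pnginfo.h hunk records an overflow constraint that nothing visible enforces; the field stays a signed `int` and its safety depends on someone keeping it in step with `png_struct::user_chunk_cache_max` by hand. The code that grows `unknown_chunks` is outside this hunk, so whether the count is bounded before each increment needs confirming; if it is, the comment should name that check, along the lines of `/* Bounded by user_chunk_cache_max before each increment in <function that appends to unknown_chunks> */`. The new comment on `splt_palettes_num` has the same gap: it explains why the type is `int` but not what keeps the number of sPLT entries, which presumably follows the input file, within that range. The struct these fields belong to begins and ends outside the hunk.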
@@ -1,7 +1,7 @@
 /* pngwtran.c - transforms the data in a row for PNG writers
  *
- * Last changed in libpng 1.7.0 [(PENDING RELEASE)]
+ * Last changed in libpng 1.6.0 [February 14, 2013]
  * Copyright (c) 1998-2013 Glenn Randers-Pehrson
  * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger)
  * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)
diff --git a/scripts/README.txt b/scripts/README.txt
index 6dce1df04..c1b08cab5 100644
--- a/scripts/README.txt
+++ b/scripts/README.txt
@@ -1,5 +1,5 @@
-Makefiles for libpng version 1.7.0beta25 - December 15, 2013
+Makefiles for libpng version 1.7.0beta25 - December 20, 2013
 pnglibconf.h.prebuilt => Stores configuration settings
 makefile.linux => Linux/ELF makefile
diff --git a/scripts/pnglibconf.h.prebuilt b/scripts/pnglibconf.h.prebuilt
index 584059478..f17da3156 100644
--- a/scripts/pnglibconf.h.prebuilt
+++ b/scripts/pnglibconf.h.prebuilt
@@ -2,7 +2,7 @@
 /* pnglibconf.h - library build configuration */
-/* Libpng version 1.7.0beta25 - December 15, 2013 */
+/* Libpng version 1.7.0beta25 - December 20, 2013 */
 /* Copyright (c) 1998-2013 Glenn Randers-Pehrson */