[libpng17] Imported from libpng-1.7.0beta25.tar

2025-07-10 18:04:09 +02:00 · 2013-12-26 11:41:24 -06:00
parent 9e168ea2c9
commit a2c5f56e77
21 changed files with 391 additions and 38 deletions
--- a/9
+++ b/9
@@ -1,5 +1,5 @@

-Libpng 1.7.0beta25 - December 20, 2013
+Libpng 1.7.0beta25 - December 26, 2013

 This is not intended to be a public release.  It will be replaced
 within a few weeks by a public version or by another test version.
@@ -460,10 +460,13 @@ Version 1.7.0beta24 [December 15, 2013]
    instead of png_chunk_report(), which by default issues a warning
    rather than an error, leading to later reading from a NULL pointer
    (png_ptr->palette) in png_do_expand_palette(). This is CVE-2013-6954
-    and VU#650142.
+    and VU#650142.  Libpng-1.6.1 through 1.6.7 and libpng-1.7.0beta03
+    through 1.7.0beta23 are vulnerable.  Libpng-1.6.0 and earlier do not
+    have the bug.

-Version 1.7.0beta25 [December 20, 2013]
+Version 1.7.0beta25 [December 26, 2013]
  Merged files with version 1.6.8 that have not changed since then.
+  Rebuilt configure scripts with automake-1.14.1 and autoconf-2.69

 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit