[libpng10] Imported from libpng-1.0.63.tar

2025-07-10 18:04:09 +02:00 · 2015-02-26 14:19:45 -06:00
parent 0f820b1a70
commit e371893ea3
68 changed files with 6952 additions and 4628 deletions
--- a/53
+++ b/53
@@ -1,5 +1,5 @@

-Libpng 1.0.62 - February 6, 2014
+Libpng 1.0.63 - February 6, 2014

 This is a public release of libpng, intended for use in production codes.

@@ -8,42 +8,51 @@ Files available for download:
 Source files with LF line endings (for Unix/Linux) and with a
 "configure" script

-   libpng-1.0.62.tar.xz (LZMA-compressed, recommended)
-   libpng-1.0.62.tar.gz
-   libpng-1.0.62.tar.bz2
+   libpng-1.0.63.tar.xz (LZMA-compressed, recommended)
+   libpng-1.0.63.tar.gz
+   libpng-1.0.63.tar.bz2

 Source files with LF line endings (for Unix/Linux) without the
 "configure" script

-   libpng-1.0.62-no-config.tar.xz (LZMA-compressed, recommended)
-   libpng-1.0.62-no-config.tar.gz
-   libpng-1.0.62-no-config.tar.bz2
+   libpng-1.0.63-no-config.tar.xz (LZMA-compressed, recommended)
+   libpng-1.0.63-no-config.tar.gz
+   libpng-1.0.63-no-config.tar.bz2

 Source files with CRLF line endings (for Windows), without the
 "configure" script

-   lpng1062.zip
-   lpng1062.7z
-   lpng1062.tar.bz2
+   lpng1063.zip
+   lpng1063.7z
+   lpng1063.tar.bz2

 Project files

-   libpng-1.0.62-project-netware.zip
-   libpng-1.0.62-project-wince.zip
+   libpng-1.0.63-project-netware.zip
+   libpng-1.0.63-project-wince.zip

 Other information:

-   libpng-1.0.62-README.txt
-   libpng-1.0.62-KNOWNBUGS.txt
-   libpng-1.0.62-LICENSE.txt
-   libpng-1.0.62-Y2K-compliance.txt
-   libpng-1.0.62-*.asc (armored detached GPG signatures)
+   libpng-1.0.63-README.txt
+   libpng-1.0.63-KNOWNBUGS.txt
+   libpng-1.0.63-LICENSE.txt
+   libpng-1.0.63-Y2K-compliance.txt
+   libpng-1.0.63-*.asc (armored detached GPG signatures)

-Changes since the last public release (1.0.61):
-  Avoid out-of-bounds memory access while checking version string in
-    pngread.c and pngwrite.c
-  Added "-D_CRT_SECURE_NO_DEPRECATE -D_CRT_SECURE_NO_WARNINGS" to
-    CFLAGS in scripts/makefile.vcwin32
+Changes since the last public release (1.0.62):
+
+  Issue a png_error() instead of a png_warning() when width is
+    potentially too large for the architecture, in case the calling
+    application has overridden the default 1,000,000-column limit
+    (fixes CVE-2014-9495 and CVE-2015-0973).
+  Quieted some harmless warnings from Coverity-scan.
+  Display user limits in the output from pngtest.
+  Changed PNG_USER_CHUNK_MALLOC_MAX from unlimited to 8,000,000.
+    This can only be changed at library-build time.  It only
+    affects the maximum memory that can be allocated to an
+    ancillary chunk; it does not limit the size of IDAT
+    data, which is instead limited by PNG_USER_WIDTH_MAX.
+  Rebuilt configure scripts with automake-1.15 and libtool-2.4.6

 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit