mewin/libpng
1
0
Fork 0
mirror of https://git.code.sf.net/p/libpng/code.git synced 2025-07-10 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

[libpng17] Added some CVE numbers to the January 2013 CHANGES and ANNOUNCE files

Browse Source
This commit is contained in:
Glenn Randers-Pehrson 2014-04-10 16:40:40 -05:00
parent 12845bc947
commit f3b1eb68a6
2 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ANNOUNCE
View File

@ -1,5 +1,5 @@
Libpng 1.7.0beta35 - April 6, 2014 Libpng 1.7.0beta35 - April 10, 2014
This is not intended to be a public release. It will be replaced This is not intended to be a public release. It will be replaced
within a few weeks by a public version or by another test version. within a few weeks by a public version or by another test version.
@ -112,7 +112,9 @@ Version 1.7.0alpha07 [January 10, 2013]
programs to generate and test a PNG which should have the problem. programs to generate and test a PNG which should have the problem.
Version 1.7.0alpha08 [January 17, 2013] Version 1.7.0alpha08 [January 17, 2013]
Corrected previous attempt at overflow detection in png_set_unknown_chunks(). Corrected previous attempt at overflow detection in png_set_unknown_chunks()
(CVE-2013-7353). Added overflow detection in png_set_sPLT() and
png_set_text_2() (CVE-2013-7354).
Version 1.7.0alpha09 [January 21, 2013] Version 1.7.0alpha09 [January 21, 2013]
Pulled changes to multi-chunk handling from libpng-1.6.0beta40. Pulled changes to multi-chunk handling from libpng-1.6.0beta40.
@ -572,7 +574,7 @@ Version 1.7.0beta34 [March 17, 2014]
Changed ZlibSrcDir from 1.2.5 to 1.2.8 in projects/vstudio. Changed ZlibSrcDir from 1.2.5 to 1.2.8 in projects/vstudio.
Moved configuration information from the manual to the INSTALL file. Moved configuration information from the manual to the INSTALL file.
Version 1.7.0beta35 [April 6, 2014] Version 1.7.0beta35 [April 10, 2014]
Removed #if/#else/#endif from inside two pow() calls in pngvalid.c because Removed #if/#else/#endif from inside two pow() calls in pngvalid.c because
they were handled improperly by Portland Group's PGI-14.1 - PGI-14.3 they were handled improperly by Portland Group's PGI-14.1 - PGI-14.3
when using its "__builtin_pow()" function. when using its "__builtin_pow()" function.

6
CHANGES
View File

@ -4400,7 +4400,9 @@ Version 1.7.0alpha07 [January 10, 2013]
programs to generate and test a PNG which should have the problem. programs to generate and test a PNG which should have the problem.
Version 1.7.0alpha08 [January 17, 2013] Version 1.7.0alpha08 [January 17, 2013]
Corrected previous attempt at overflow detection in png_set_unknown_chunks(). Corrected previous attempt at overflow detection in png_set_unknown_chunks()
(CVE-2013-7353). Added overflow detection in png_set_sPLT() and
png_set_text_2() (CVE-2013-7354).
Version 1.7.0alpha09 [January 21, 2013] Version 1.7.0alpha09 [January 21, 2013]
Pulled changes to multi-chunk handling from libpng-1.6.0beta40. Pulled changes to multi-chunk handling from libpng-1.6.0beta40.
@ -4861,7 +4863,7 @@ Version 1.7.0beta34 [March 17, 2014]
Changed ZlibSrcDir from 1.2.5 to 1.2.8 in projects/vstudio. Changed ZlibSrcDir from 1.2.5 to 1.2.8 in projects/vstudio.
Moved configuration information from the manual to the INSTALL file. Moved configuration information from the manual to the INSTALL file.
Version 1.7.0beta35 [April 6, 2014] Version 1.7.0beta35 [April 10, 2014]
Removed #if/#else/#endif from inside two pow() calls in pngvalid.c because Removed #if/#else/#endif from inside two pow() calls in pngvalid.c because
they were handled improperly by Portland Group's PGI-14.1 - PGI-14.3 they were handled improperly by Portland Group's PGI-14.1 - PGI-14.3
when using its "__builtin_pow()" function. when using its "__builtin_pow()" function.