Changeset 35794


Ignore:
Timestamp:
2013-02-25T22:04:07+01:00 (5 years ago)
Author:
juhosg
Message:

libpng: version bump to 1.2.50

Version bump libpng to 1.2.50 and switch to the .tar.xz packaging.
Drop patch 200-CVE-2011-3026.patch as it's integrated.

Signed-off-by: Ian Leonard <antonlacon@…>
Signed-off-by: Gabor Juhos <juhosg@…>

Location:
packages/libs/libpng
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • packages/libs/libpng/Makefile

    r33862 r35794  
    11# 
    2 # Copyright (C) 2006-2012 OpenWrt.org 
     2# Copyright (C) 2006-2013 OpenWrt.org 
    33# 
    44# This is free software, licensed under the GNU General Public License v2. 
     
    99 
    1010PKG_NAME:=libpng 
    11 PKG_VERSION:=1.2.46 
    12 PKG_RELEASE:=2 
     11PKG_VERSION:=1.2.50 
     12PKG_RELEASE:=1 
    1313 
    14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 
     14PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz 
    1515PKG_SOURCE_URL:=@SF/libpng 
    16 PKG_MD5SUM:=e8b43dc78ef95b3949af7f961d76874b 
     16PKG_MD5SUM:=a3e00fccbfe356174ab515b5c00641c7 
    1717 
    1818PKG_LICENSE:=LIBPNG GPLv2 

  • packages/libs/libpng/patches/200-CVE-2011-3026.patch

    r30633 r35794  
    1 --- a/pngrutil.c 
    2 +++ b/pngrutil.c 
    3 @@ -339,15 +339,18 @@ png_decompress_chunk(png_structp png_ptr 
    4        /* Now check the limits on this chunk - if the limit fails the 
    5         * compressed data will be removed, the prefix will remain. 
    6         */ 
    7 +      if (prefix_size >= (~(png_size_t)0) - 1 || 
    8 +         expanded_size >= (~(png_size_t)0) - 1 - prefix_size 
    9  #ifdef PNG_SET_CHUNK_MALLOC_LIMIT_SUPPORTED 
    10 -      if (png_ptr->user_chunk_malloc_max && 
    11 +         || (png_ptr->user_chunk_malloc_max && 
    12            (prefix_size + expanded_size >= png_ptr->user_chunk_malloc_max - 1)) 
    13  #else 
    14  #  ifdef PNG_USER_CHUNK_MALLOC_MAX 
    15 -      if ((PNG_USER_CHUNK_MALLOC_MAX > 0) && 
    16 +         || ((PNG_USER_CHUNK_MALLOC_MAX > 0) && 
    17            prefix_size + expanded_size >= PNG_USER_CHUNK_MALLOC_MAX - 1) 
    18  #  endif 
    19  #endif 
    20 +          ) 
    21           png_warning(png_ptr, "Exceeded size limit while expanding chunk"); 
    22   
    23        /* If the size is zero either there was an error and a message 
    24 @@ -355,14 +358,11 @@ png_decompress_chunk(png_structp png_ptr 
    25         * and we have nothing to do - the code will exit through the 
    26         * error case below. 
    27         */ 
    28 -#if defined(PNG_SET_CHUNK_MALLOC_LIMIT_SUPPORTED) || \ 
    29 -    defined(PNG_USER_CHUNK_MALLOC_MAX) 
    30 -      else 
    31 -#endif 
    32 -      if (expanded_size > 0) 
    33 +      else if (expanded_size > 0) 
    34        { 
    35           /* Success (maybe) - really uncompress the chunk. */ 
    36           png_size_t new_size = 0; 
    37 + 
    38           png_charp text = png_malloc_warn(png_ptr, 
    39                          prefix_size + expanded_size + 1); 
    40   
Note: See TracChangeset for help on using the changeset viewer.