2010年3月 3日

[installer 2271] Re: libpng-1.4.1, 1.2.43, 1.0.53

(Sun, 28 Feb 2010 10:03:25 +0900 (JST))
Koga Youichirou <y-koga@xxxxx>:
> libpng-1.4.1, 1.2.43, 1.0.53 出ています。

DoS につながるぜい弱性の修正が入っていました。

> Revised png_decompress_chunk() to improve speed and memory usage when
> decoding large chunks, using a two-pass method suggested by John Bowler.


これですね。

http://www.kb.cert.org/vuls/id/576029
参照のこと。

> ☆ libpng-1.4.1
> http://sourceforge.net/projects/libpng/
> http://sourceforge.net/projects/libpng/files/01-libpng-master/
>
> version 1.4.1 [February 25, 2010]
>
> Updated CMakeLists.txt for consistent indentation and to avoid an
> unclosed if-statement warning (Philip Lowman).
> Revised Makefile.am and Makefile.in to remove references to Y2KINFO,
> KNOWNBUG, and libpng.la (Robert Schwebel).
> Revised the makefiles to install the same files and symbolic
> except for libpng.la and libpng14.la.
> Make png_set|get_compression_buffer_size() available even when
> PNG_WRITE_SUPPORTED is not enabled.
> Revised Makefile.am and Makefile.in to simplify their maintenance.
> Revised the makefiles to install a link to libpng14.so.14.1
> Removed png_set_premultiply_alpha() from scripts/*.def
> Revised png_decompress_chunk() to improve speed and memory usage when
> decoding large chunks, using a two-pass method suggested by John Bowler.
> Added png_set|get_chunk_malloc_max() functions.
> Relocated "int k" declaration in pngtest.c to minimize its scope.
> Folded some long lines in the source files.
> Added defineable PNG_USER_CHUNK_CACHE_MAX and PNG_USER_CHUNK_MALLOC_MAX
> Eliminated use of png_ptr->irowbytes and reused the slot in png_ptr as
> png_ptr->png_user_chunk_malloc_max.
> Return allocated "old_buffer" in png_push_save_buffer() before calling
> png_error(), to avoid a potential memory leak.
> Removed the cbuilder5 project, which has not been updated to 1.4.0.
> Complete rewrite of two-pass png_decompress_chunk() by John Bowler.
> Removed obsolete unused MMX-querying support from contrib/gregbook
> Removed the AIX redefinition of jmpbuf in png.h
> Define _ALL_SOURCE in configure.ac, makefile.aix, and CMakeLists.txt
> when using AIX compiler.
> Removed unused gzio.c from contrib/pngminim gather and makefile scripts
>
>
> ☆ libpng-1.2.43
> http://sourceforge.net/projects/libpng/
> http://sourceforge.net/projects/libpng/files/03-libpng-previous/
>
> version 1.2.43 [February 25, 2010]
>
> Updated CMakeLists.txt for consistent indentation and to avoid an
> unclosed if-statement warning (Philip Lowman).
> Removed "#ifdef PNG_1_0_X / #endif" surrounding
> PNG_READ_16_TO_8_SUPPORTED and PNG_READ_GRAY_TO_RGB_SUPPORTED
> in pngconf.h. These were added in libpng-1.2.41beta08 and libpng-1.0.51,
> which introduced a binary incompatibility with libpng-1.0.50.
> Backported two-pass png_decompress_chunk() algorithm from libpng-1.4.1
> Removed PNGAPI declaration of png_calloc() and png_write_sig() in
> 1ibpng-1.2.X, introduced by mistake in libpng-1.2.41.
> Return allocated "old_buffer" in png_push_save_buffer() before png_error(),
> to avoid a potential memory leak.
> Ported rewritten png_decompress_chunk() by John Bowler from libpng-1.4.1.
> Define _ALL_SOURCE in configure.ac, makefile.aix, and CMakeLists.txt
> when using AIX compiler.
> Removed unused gzio.c from contrib/pngminim gather and makefile scripts
>
>
> ☆ libpng-1.0.53
> http://sourceforge.net/projects/libpng/
> http://sourceforge.net/projects/libpng/files/04-libpng-legacy/
>
> version 1.0.53 [February 25, 2010]
>
> Updated CMakeLists.txt for consistent indentation and to avoid an
> unclosed if-statement warning (Philip Lowman).
> Removed "#ifdef PNG_1_0_X / #endif" surrounding
> PNG_READ_16_TO_8_SUPPORTED and PNG_READ_GRAY_TO_RGB_SUPPORTED
> in pngconf.h. These were added in libpng-1.2.41beta08 and libpng-1.0.51,
> which introduced a binary incompatibility with libpng-1.0.50.
> Backported two-pass png_decompress_chunk() algorithm from libpng-1.4.1
> Removed PNGAPI declaration of png_calloc() and png_write_sig() in
> 1ibpng-1.2.X, introduced by mistake in libpng-1.2.41.
> Return allocated "old_buffer" in png_push_save_buffer() before png_error(),
> to avoid a potential memory leak.
> Ported rewritten png_decompress_chunk() by John Bowler from libpng-1.4.1.
> Define _ALL_SOURCE in configure.ac, makefile.aix, and CMakeLists.txt
> when using AIX compiler.
> Removed unused gzio.c from contrib/pngminim gather and makefile scripts

----
こがよういちろう


投稿者 xml-rpc : 2010年3月 3日 16:23
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/93826
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。