From 07b8803110da160b158ebfef872627da6c85cbdf Mon Sep 17 00:00:00 2001 From: Cosmin Truta Date: Sun, 20 Nov 2022 23:53:23 +0200 Subject: Release libpng version 1.6.39 --- ANNOUNCE | 38 ++++++++++++++++++-------------------- CHANGES | 12 +++++++++++- CMakeLists.txt | 4 ++-- README | 4 ++-- configure | 22 +++++++++++----------- configure.ac | 4 ++-- libpng-manual.txt | 2 +- libpng.3 | 6 +++--- libpngpf.3 | 4 ++-- png.c | 4 ++-- png.h | 18 +++++++++--------- pngconf.h | 2 +- pngtest.c | 2 +- scripts/libpng-config-head.in | 2 +- scripts/libpng.pc.in | 2 +- scripts/pnglibconf.h.prebuilt | 2 +- 16 files changed, 68 insertions(+), 60 deletions(-) diff --git a/ANNOUNCE b/ANNOUNCE index 2b9088303..5675b973a 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -1,13 +1,5 @@ -libpng 1.6.39.git -================= - -This is a development version, not intended to be a public release. -It will be replaced by a public release, or by another development -version, at a later time. - - -libpng 1.6.38 - September 14, 2022 -================================== +libpng 1.6.39 - November 20, 2022 +================================= This is a public release of libpng, intended for use in production code. @@ -17,13 +9,13 @@ Files available for download Source files with LF line endings (for Unix/Linux): - * libpng-1.6.38.tar.xz (LZMA-compressed, recommended) - * libpng-1.6.38.tar.gz + * libpng-1.6.39.tar.xz (LZMA-compressed, recommended) + * libpng-1.6.39.tar.gz Source files with CRLF line endings (for Windows): - * lpng1638.7z (LZMA-compressed, recommended) - * lpng1638.zip + * lpng1639.7z (LZMA-compressed, recommended) + * lpng1639.zip Other information: @@ -33,13 +25,19 @@ Other information: * TRADEMARK.md -Changes since the previous public release (version 1.6.37) ----------------------------------------------------------- +Changes from version 1.6.38 to version 1.6.39 +--------------------------------------------- - * Added configurations and scripts for continuous integration. - * Fixed various errors in the handling of tRNS, hIST and eXIf. - * Implemented many stability improvements across all platforms. - * Updated the internal documentation. + * Changed the error handler of oversized chunks (i.e. larger than + PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error. + * Fixed a buffer overflow error in contrib/tools/pngfix. + * Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp. + * Disabled the ARM Neon optimizations by default in the CMake file, + following the default behavior of the configure script. + * Allowed configure.ac to work with the trunk version of autoconf. + * Removed the support for "install" targets from the legacy makefiles; + removed the obsolete makefile.cegcc. + * Cleaned up the code and updated the internal documentation. Send comments/corrections/commendations to png-mng-implement at lists.sf.net. diff --git a/CHANGES b/CHANGES index e0910ccc3..366e0f6a7 100644 --- a/CHANGES +++ b/CHANGES @@ -6109,7 +6109,17 @@ Version 1.6.38 [September 14, 2022] Implemented many stability improvements across all platforms. Updated the internal documentation. -Version 1.6.39 [TODO] +Version 1.6.39 [November 20, 2022] + Changed the error handler of oversized chunks (i.e. larger than + PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error. + Fixed a buffer overflow error in contrib/tools/pngfix. + Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp. + Disabled the ARM Neon optimizations by default in the CMake file, + following the default behavior of the configure script. + Allowed configure.ac to work with the trunk version of autoconf. + Removed the support for "install" targets from the legacy makefiles; + removed the obsolete makefile.cegcc. + Cleaned up the code and updated the internal documentation. Send comments/corrections/commendations to png-mng-implement at lists.sf.net. Subscription is required; visit diff --git a/CMakeLists.txt b/CMakeLists.txt index b4637f997..86e0affc4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -34,8 +34,8 @@ enable_testing() set(PNGLIB_MAJOR 1) set(PNGLIB_MINOR 6) set(PNGLIB_REVISION 39) -#set(PNGLIB_SUBREVISION 0) -set(PNGLIB_SUBREVISION "git") +set(PNGLIB_SUBREVISION 0) +#set(PNGLIB_SUBREVISION "git") set(PNGLIB_NAME libpng${PNGLIB_MAJOR}${PNGLIB_MINOR}) set(PNGLIB_VERSION ${PNGLIB_MAJOR}.${PNGLIB_MINOR}.${PNGLIB_REVISION}) set(PNGLIB_SHARED_SOVERSION ${PNGLIB_MAJOR}${PNGLIB_MINOR}) diff --git a/README b/README index 3d1a432dd..097a3c218 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ -README for libpng version 1.6.39.git -==================================== +README for libpng version 1.6.39 +================================ See the note about version numbers near the top of png.h. See INSTALL for instructions on how to install libpng. diff --git a/configure b/configure index 7a192997d..8ad4092ca 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for libpng 1.6.39.git. +# Generated by GNU Autoconf 2.71 for libpng 1.6.39. # # Report bugs to . # @@ -621,8 +621,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libpng' PACKAGE_TARNAME='libpng' -PACKAGE_VERSION='1.6.39.git' -PACKAGE_STRING='libpng 1.6.39.git' +PACKAGE_VERSION='1.6.39' +PACKAGE_STRING='libpng 1.6.39' PACKAGE_BUGREPORT='png-mng-implement@lists.sourceforge.net' PACKAGE_URL='' @@ -1411,7 +1411,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libpng 1.6.39.git to adapt to many kinds of systems. +\`configure' configures libpng 1.6.39 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1482,7 +1482,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libpng 1.6.39.git:";; + short | recursive ) echo "Configuration of libpng 1.6.39:";; esac cat <<\_ACEOF @@ -1663,7 +1663,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libpng configure 1.6.39.git +libpng configure 1.6.39 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -1919,7 +1919,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libpng $as_me 1.6.39.git, which was +It was created by libpng $as_me 1.6.39, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -3196,7 +3196,7 @@ fi # Define the identity of the package. PACKAGE='libpng' - VERSION='1.6.39.git' + VERSION='1.6.39' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -3328,7 +3328,7 @@ fi -PNGLIB_VERSION=1.6.39.git +PNGLIB_VERSION=1.6.39 PNGLIB_MAJOR=1 PNGLIB_MINOR=6 PNGLIB_RELEASE=39 @@ -14894,7 +14894,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libpng $as_me 1.6.39.git, which was +This file was extended by libpng $as_me 1.6.39, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -14962,7 +14962,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -libpng config.status 1.6.39.git +libpng config.status 1.6.39 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index a553f8a91..986c77470 100644 --- a/configure.ac +++ b/configure.ac @@ -25,7 +25,7 @@ AC_PREREQ([2.68]) dnl Version number stuff here: -AC_INIT([libpng],[1.6.39.git],[png-mng-implement@lists.sourceforge.net]) +AC_INIT([libpng],[1.6.39],[png-mng-implement@lists.sourceforge.net]) AC_CONFIG_MACRO_DIR([scripts]) # libpng does not follow GNU file name conventions (hence 'foreign') @@ -46,7 +46,7 @@ dnl automake, so the following is not necessary (and is not defined anyway): dnl AM_PREREQ([1.11.2]) dnl stop configure from automagically running automake -PNGLIB_VERSION=1.6.39.git +PNGLIB_VERSION=1.6.39 PNGLIB_MAJOR=1 PNGLIB_MINOR=6 PNGLIB_RELEASE=39 diff --git a/libpng-manual.txt b/libpng-manual.txt index 0a4f37351..d85679616 100644 --- a/libpng-manual.txt +++ b/libpng-manual.txt @@ -9,7 +9,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng version 1.6.36, December 2018, through 1.6.38 - September 2022 + libpng version 1.6.36, December 2018, through 1.6.39 - November 2022 Updated and distributed by Cosmin Truta Copyright (c) 2018-2022 Cosmin Truta diff --git a/libpng.3 b/libpng.3 index 87cd775a8..2ea6af3b4 100644 --- a/libpng.3 +++ b/libpng.3 @@ -1,6 +1,6 @@ -.TH LIBPNG 3 "September 14, 2022" +.TH LIBPNG 3 "November 20, 2022" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.6.38 +libpng \- Portable Network Graphics (PNG) Reference Library 1.6.39 .SH SYNOPSIS \fB#include \fP @@ -528,7 +528,7 @@ libpng-manual.txt - A description on how to use and modify libpng Based on: - libpng version 1.6.36, December 2018, through 1.6.38 - September 2022 + libpng version 1.6.36, December 2018, through 1.6.39 - November 2022 Updated and distributed by Cosmin Truta Copyright (c) 2018-2022 Cosmin Truta diff --git a/libpngpf.3 b/libpngpf.3 index 3da3b863d..dbf40d436 100644 --- a/libpngpf.3 +++ b/libpngpf.3 @@ -1,6 +1,6 @@ -.TH LIBPNGPF 3 "September 14, 2022" +.TH LIBPNGPF 3 "November 20, 2022" .SH NAME -libpng \- Portable Network Graphics (PNG) Reference Library 1.6.38 +libpng \- Portable Network Graphics (PNG) Reference Library 1.6.39 (private functions) .SH SYNOPSIS diff --git a/png.c b/png.c index 8fac41475..4f3e8bbd3 100644 --- a/png.c +++ b/png.c @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_39_git Your_png_h_is_not_version_1_6_39_git; +typedef png_libpng_version_1_6_39 Your_png_h_is_not_version_1_6_39; #ifdef __GNUC__ /* The version tests may need to be added to, but the problem warning has @@ -815,7 +815,7 @@ png_get_copyright(png_const_structrp png_ptr) return PNG_STRING_COPYRIGHT #else return PNG_STRING_NEWLINE \ - "libpng version 1.6.39.git" PNG_STRING_NEWLINE \ + "libpng version 1.6.39" PNG_STRING_NEWLINE \ "Copyright (c) 2018-2022 Cosmin Truta" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ diff --git a/png.h b/png.h index e984eb0bf..f109cdf33 100644 --- a/png.h +++ b/png.h @@ -1,7 +1,7 @@ /* png.h - header file for PNG reference library * - * libpng version 1.6.39.git + * libpng version 1.6.39 - November 20, 2022 * * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson @@ -15,7 +15,7 @@ * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger * libpng versions 0.97, January 1998, through 1.6.35, July 2018: * Glenn Randers-Pehrson - * libpng versions 1.6.36, December 2018, through 1.6.38, September 2022: + * libpng versions 1.6.36, December 2018, through 1.6.39, November 2022: * Cosmin Truta * See also "Contributing Authors", below. */ @@ -239,7 +239,7 @@ * ... * 1.5.30 15 10530 15.so.15.30[.0] * ... - * 1.6.38 16 10638 16.so.16.38[.0] + * 1.6.39 16 10639 16.so.16.39[.0] * * Henceforth the source version will match the shared-library major and * minor numbers; the shared-library major version number will be used for @@ -278,8 +278,8 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.6.39.git" -#define PNG_HEADER_VERSION_STRING " libpng version 1.6.39.git\n" +#define PNG_LIBPNG_VER_STRING "1.6.39" +#define PNG_HEADER_VERSION_STRING " libpng version 1.6.39 - November 20, 2022\n" #define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_DLLNUM 16 @@ -292,7 +292,7 @@ /* This should be zero for a public release, or non-zero for a * development version. [Deprecated] */ -#define PNG_LIBPNG_VER_BUILD 1 +#define PNG_LIBPNG_VER_BUILD 0 /* Release Status */ #define PNG_LIBPNG_BUILD_ALPHA 1 @@ -309,7 +309,7 @@ #define PNG_LIBPNG_BUILD_SPECIAL 32 /* Cannot be OR'ed with PNG_LIBPNG_BUILD_PRIVATE */ -#define PNG_LIBPNG_BUILD_BASE_TYPE PNG_LIBPNG_BUILD_BETA +#define PNG_LIBPNG_BUILD_BASE_TYPE PNG_LIBPNG_BUILD_STABLE /* Careful here. At one time, Guy wanted to use 082, but that * would be octal. We must not include leading zeros. @@ -318,7 +318,7 @@ * From version 1.0.1 it is: * XXYYZZ, where XX=major, YY=minor, ZZ=release */ -#define PNG_LIBPNG_VER 10639 /* 1.6.39.git */ +#define PNG_LIBPNG_VER 10639 /* 1.6.39 */ /* Library configuration: these options cannot be changed after * the library has been built. @@ -428,7 +428,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_6_39_git; +typedef char* png_libpng_version_1_6_39; /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. * diff --git a/pngconf.h b/pngconf.h index 46a08c98a..fcb4b4306 100644 --- a/pngconf.h +++ b/pngconf.h @@ -1,7 +1,7 @@ /* pngconf.h - machine-configurable file for libpng * - * libpng version 1.6.39.git + * libpng version 1.6.39 * * Copyright (c) 2018-2022 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson diff --git a/pngtest.c b/pngtest.c index 90780ee4c..542ee9593 100644 --- a/pngtest.c +++ b/pngtest.c @@ -2155,4 +2155,4 @@ main(void) #endif /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_39_git Your_png_h_is_not_version_1_6_39_git; +typedef png_libpng_version_1_6_39 Your_png_h_is_not_version_1_6_39; diff --git a/scripts/libpng-config-head.in b/scripts/libpng-config-head.in index f7f416af0..57874b7bc 100644 --- a/scripts/libpng-config-head.in +++ b/scripts/libpng-config-head.in @@ -11,7 +11,7 @@ # Modeled after libxml-config. -version=1.6.39.git +version=1.6.39 prefix="" libdir="" libs="" diff --git a/scripts/libpng.pc.in b/scripts/libpng.pc.in index caab21d4e..2cb84475d 100644 --- a/scripts/libpng.pc.in +++ b/scripts/libpng.pc.in @@ -5,6 +5,6 @@ includedir=@includedir@/libpng16 Name: libpng Description: Loads and saves PNG files -Version: 1.6.39.git +Version: 1.6.39 Libs: -L${libdir} -lpng16 Cflags: -I${includedir} diff --git a/scripts/pnglibconf.h.prebuilt b/scripts/pnglibconf.h.prebuilt index d61488c4e..e5948c8ce 100644 --- a/scripts/pnglibconf.h.prebuilt +++ b/scripts/pnglibconf.h.prebuilt @@ -1,6 +1,6 @@ /* pnglibconf.h - library build configuration */ -/* libpng version 1.6.39.git */ +/* libpng version 1.6.39 */ /* Copyright (c) 2018-2022 Cosmin Truta */ /* Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson */ -- cgit v1.2.1