commit 6c7570bde7d56962a8b188c157e8129419c9f16e Author: Fredrik Rinnestam <fredrik@crux.nu> Date: Mon Jan 2 21:58:13 2017 +0100 [notify] libpng: updated to 1.6.27. Fix for CVE-2016-10087. Advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 diff --git a/libpng/.footprint b/libpng/.footprint index 8dde1e1..3e11396 100644 --- a/libpng/.footprint +++ b/libpng/.footprint @@ -18,9 +18,9 @@ lrwxrwxrwx root/root usr/lib/libpng.la -> libpng16.la lrwxrwxrwx root/root usr/lib/libpng.so -> libpng16.so -rw-r--r-- root/root usr/lib/libpng16.a -rwxr-xr-x root/root usr/lib/libpng16.la -lrwxrwxrwx root/root usr/lib/libpng16.so -> libpng16.so.16.26.0 -lrwxrwxrwx root/root usr/lib/libpng16.so.16 -> libpng16.so.16.26.0 --rwxr-xr-x root/root usr/lib/libpng16.so.16.26.0 +lrwxrwxrwx root/root usr/lib/libpng16.so -> libpng16.so.16.27.0 +lrwxrwxrwx root/root usr/lib/libpng16.so.16 -> libpng16.so.16.27.0 +-rwxr-xr-x root/root usr/lib/libpng16.so.16.27.0 drwxr-xr-x root/root usr/lib/pkgconfig/ lrwxrwxrwx root/root usr/lib/pkgconfig/libpng.pc -> libpng16.pc -rw-r--r-- root/root usr/lib/pkgconfig/libpng16.pc diff --git a/libpng/.md5sum b/libpng/.md5sum index 32dd94c..87bcd77 100644 --- a/libpng/.md5sum +++ b/libpng/.md5sum @@ -1,2 +1,2 @@ -faed9bb495d2e12dd0c9ec561ca60cd8 libpng-1.6.26.tar.xz -ce372fe75b670f1f714ef5588f57e1a4 libpng-apng.patch +90099cb7dfb36bf223f4791429d45c6a libpng-1.6.27.tar.xz +493e3dfbf217a6fd8f3f4d9e4691bb9c libpng-apng.patch diff --git a/libpng/Pkgfile b/libpng/Pkgfile index 94a28e6..7ac3bd1 100644 --- a/libpng/Pkgfile +++ b/libpng/Pkgfile @@ -4,7 +4,7 @@ # Depends on: zlib name=libpng -version=1.6.26 +version=1.6.27 release=1 source=(http://download.sourceforge.net/$name/$name-$version.tar.xz \ $name-apng.patch) diff --git a/libpng/libpng-apng.patch b/libpng/libpng-apng.patch index 58fdafd..d1b1806 100644 --- a/libpng/libpng-apng.patch +++ b/libpng/libpng-apng.patch @@ -299,8 +299,8 @@ Index: png.c #else # ifdef __STDC__ return PNG_STRING_NEWLINE \ -- "libpng version 1.6.26 - October 20, 2016" PNG_STRING_NEWLINE \ -+ "libpng version 1.6.26+apng - October 20, 2016" PNG_STRING_NEWLINE \ +- "libpng version 1.6.27 - December 29, 2016" PNG_STRING_NEWLINE \ ++ "libpng version 1.6.27+apng - December 29, 2016" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ @@ -310,8 +310,8 @@ Index: png.c + "Portions Copyright (c) 2006-2007 Andrew Smith" PNG_STRING_NEWLINE \ + "Portions Copyright (c) 2008-2016 Max Stepin" PNG_STRING_NEWLINE ; # else -- return "libpng version 1.6.26 - October 20, 2016\ -+ return "libpng version 1.6.26+apng - October 20, 2016\ +- return "libpng version 1.6.27 - December 29, 2016\ ++ return "libpng version 1.6.27+apng - December 29, 2016\ Copyright (c) 1998-2002,2004,2006-2016 Glenn Randers-Pehrson\ Copyright (c) 1996-1997 Andreas Dilger\ - Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; @@ -342,11 +342,11 @@ Index: png.h */ /* Version information for png.h - this should match the version in png.c */ --#define PNG_LIBPNG_VER_STRING "1.6.26" --#define PNG_HEADER_VERSION_STRING " libpng version 1.6.26 - October 20, 2016\n" -+#define PNG_LIBPNG_VER_STRING "1.6.26+apng" +-#define PNG_LIBPNG_VER_STRING "1.6.27" +-#define PNG_HEADER_VERSION_STRING " libpng version 1.6.27 - December 29, 2016\n" ++#define PNG_LIBPNG_VER_STRING "1.6.27+apng" +#define PNG_HEADER_VERSION_STRING \ -+ " libpng version 1.6.26+apng - October 20, 2016\n" ++ " libpng version 1.6.27+apng - December 29, 2016\n" #define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_DLLNUM 16