Overview

File pngcheck.changes of Package pngcheck

-------------------------------------------------------------------
Mon Dec 13 11:51:03 UTC 2021 - pgajdos@suse.com

- version update to 3.0.3
  * 20210124 GRR: released version 3.0.1
  *               ----------------------
  * 20201217 BB:  fixed a crash bug (and probable vulnerability) in large (MNG)
  *               LOOP chunks
  * 20210131 GRR: updated Makefile.mingw32 for modern versions and added
  *               Makefile.mingw64 (targets Win64); both are essentially
  *               UNTESTED, however!
  * 20210131 GRR: released version 3.0.2
  *               ----------------------
  * 20210416 BB:  fixed a divide-by-zero crash bug (and probable vulnerability)
  *               in interlaced images with extra compressed data beyond the
  *               nominal end of the image data (found by "chiba of topsec alpha
  *               lab")

-------------------------------------------------------------------
Mon Dec 28 16:07:13 UTC 2020 - pgajdos@suse.com

- version update to 3.0.0
  * 20070709 GRR: tweaked color definitions slightly to work better on terminals
  *               with white/light backgrounds
  * 20070712 GRR: added Makefile.mingw32
  * 20100504 GRR: fixed DHDR (pre-MNG-1.0) bug identified by Winfried <szukw000@arcor.de>
  * 20170713 GRP: added eXIf support (GRR: added check for II/MM/unknown format)
  * 20201012 BB:  converted static const help/usage-related strings to macros so
  *               -Werror=format-security doesn't trigger (Ben Beasley)
  * 20201015 BB:  added (help2man-generated) man pages for all three utils
  * 20201017 GRR: added top-level LICENSE file; fixed various compiler warnings
  * 20201031 GRR: replaced gpl/COPYING (outdated address, references to Library
  *               GPL) with https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
  *               (thanks to Ben Beasley for catching that)
  * 20201113 BB:  fixed buffer-overflow vulnerability discovered by "giantbranch
  *               of NSFOCUS Security Team"
  *               https://bugzilla.redhat.com/show_bug.cgi?id=1897485
  * 20201128 BB:  found and fixed four additional vulnerabilities (null-pointer
  *               dereference and three buffer overruns)
  * 20201209 LP:  fixed an off-by-one bug in check_magic() (Lucy Phipps)
  * 20201209 LL:  converted two zlib-version warnings/errors to go to stderr
  *               (Lemures Lemniscati, actually from 20180318; forwarded by LP)
  * 20201210 BB:  fixed another buffer-overflow vulnerability discovered by
  *               "giantbranch of NSFOCUS Security Team"
  *               https://bugzilla.redhat.com/show_bug.cgi?id=1905775
  * 20201212 GRR: removed -f ("force") option due to multiple security issues
- modified patches
  % fixbuild.diff (refreshed)
- deleted patches
  - pngcheck-CVE-2020-27818.patch (upstreamed)

-------------------------------------------------------------------
Thu Dec  3 11:45:40 UTC 2020 - pgajdos@suse.com

- security update
- added patches
  fix CVE-2020-27818 [bsc#1179528], global buffer overflow was discovered in check_chunk_name function via crafted pngfile
  + pngcheck-CVE-2020-27818.patch

-------------------------------------------------------------------
Sun Aug  2 09:37:14 UTC 2015 - mpluskal@suse.com

- Use url for source
- Cleanup spec file with spec-cleaner

-------------------------------------------------------------------
Fri Aug  9 08:55:32 UTC 2013 - pgajdos@suse.com

- micro spec file cleanup, created *.changes

-------------------------------------------------------------------
Sat Aug 30 08:54:34 UTC 2009 - opensuse@dstoecker.de

- created 2.3.0
openSUSE Build Service is sponsored by
Places