File optipng.changes of Package optipng

-------------------------------------------------------------------
Fri Nov 10 11:12:58 UTC 2023 - Enrico Belleri <kilgore.trout@idesmi.eu>

- Update to 0.7.8:
  * Upgraded libpng to version 1.6.40.
  * Upgraded zlib to version 1.3-optipng.
  * Upgraded cexcept to version 2.0.2-optipng.
 !! Fixed a global-buffer-overflow vulnerability in the GIF reader
    (boo#1215937 CVE-2023-43907).
  ! Fixed a stack-print-after-scope defect in the error handler.
  ! Fixed an assertion failure in the image reduction module.
  ! Fixed the command-line wildargs expansion in the Windows port.
  * Raised the minimum required libpng version from 1.2.9 to 1.6.35.
  * Raised the minimum required zlib version from 1.2.1 to 1.2.8.
  * Refactored the structured exception handling.

-------------------------------------------------------------------
Mon Oct  9 10:14:29 UTC 2023 - pgajdos@suse.com

- asan_build to disable or enable asan build

-------------------------------------------------------------------
Mon Feb 27 10:18:05 UTC 2023 - pgajdos@suse.com

- remove unused %optipng macro
- deleted sources
  - macros.optipng (not needed)

-------------------------------------------------------------------
Wed May  4 08:43:23 UTC 2022 - Marcus Meissner <meissner@suse.com>

- switched source url to https

-------------------------------------------------------------------
Thu May  6 06:16:40 UTC 2021 - pgajdos@suse.com

- install rpm macros in %{_rpmmacrodir} [bsc#1185664]
- call spec-cleaner

-------------------------------------------------------------------
Fri Jan 12 07:57:59 UTC 2018 - pgajdos@suse.com

- update to 0.7.7:
    * Upgraded minitiff to version 0.2.
   !! Fixed a buffer overflow vulnerability in the GIF decoder.
      [Reported by Joonun Jang]
   !! Fixed an integer overflow vulnerability in the TIFF decoder.
      [Reported by Jaeseung Choi]
    ! Fixed the build on macOS High Sierra.
      [Reported by various users]
      [Fixed by Yuen Ho Wong and Friedrich Preuss]
    ! Fixed the build on DJGPP.
    * Disallowed out-of-bounds values in rangeset options.
- removed upstream patches:
  - optipng-CVE-2017-1000229.patch
  - optipng-CVE-2017-16938.patch

-------------------------------------------------------------------
Mon Nov 27 08:19:44 UTC 2017 - pgajdos@suse.com

- security update:
  * CVE-2017-16938 [bsc#1069774]
    + optipng-CVE-2017-16938.patch

-------------------------------------------------------------------
Mon Nov 20 10:28:38 UTC 2017 - pgajdos@suse.com

- security update:
  * CVE-2017-1000229 [bsc#1068720]
    + optipng-CVE-2017-1000229.patch

-------------------------------------------------------------------
Tue Apr  5 08:15:40 UTC 2016 - pgajdos@suse.com

- updated to 0.7.6, fixes CVE-2016-2191

-------------------------------------------------------------------
Mon Apr 27 14:23:20 UTC 2015 - mpluskal@suse.com

- Cleanup spec file with spec-clener
- Update dependencies
- Enable checks

-------------------------------------------------------------------
Mon Mar 31 07:56:27 UTC 2014 - pgajdos@suse.com

- updated to 0.7.5:
  ! Fixed various build issues with libpng-1.5 and libpng-1.6.
  * Allowed the handling of huge image files  (> millions of pixels
    per row or column) to be independent of the libpng version.
  + Allowed the option -preserve to save the file ownership (UID/GID)
    on Unix.  (Thanks to Otto Kekäläinen for the suggestion.)
- removed libpng16.patch

-------------------------------------------------------------------
Fri Feb 15 12:35:19 UTC 2013 - pgajdos@suse.com

- build also agains libpng16
  * libpng16.patch

-------------------------------------------------------------------
Tue Nov 20 12:24:53 UTC 2012 - pgajdos@suse.com

- updated to 0.7.4:
  !! Fixed the previous fix, which failed to fix the option -fix.
   (Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.)

-------------------------------------------------------------------
Mon Sep 24 11:58:03 UTC 2012 - pgajdos@suse.com

- updated to 0.7.3:
  * fixed 'OptiPNG Palette Reduction Use-After-Free Vulnerability'
    [bnc#780874]

-------------------------------------------------------------------
Tue Aug  7 12:41:22 UTC 2012 - pgajdos@suse.com

- updated to 0.7.1:
  !! Fixed a regression in the reduction of palette-encoded grayscale
     images.  This regression was introduced in version 0.7.
     (Thanks to Adam Ciarcinski for the fix.)

-------------------------------------------------------------------
Fri Mar  2 11:54:06 UTC 2012 - pgajdos@suse.com

- updated to 0.7:
  + Added the popularly-requested option -strip.
  + Added the option -backup, as an alias of -keep.
  + Added the option -silent, as an alias of -quiet.
  - Deprecated the option -log.
  * Changed the activity display output from STDOUT to STDERR.
  + Allowed the option -preserve to save high-resolution timestamps
   on Unix, if the POSIX-1.2008 API is available.  This feature was
   previously available on Windows only.
  ! Fixed a minor precision error in the display of file size percents.
  ! Fixed a memory leak that occurred when reading broken GIF images.
  ! Fixed various build issues.
    (Thanks to Sebastian Pipping and Ville Skytta for the fixes.)
  * Resolved all remaining compatibility issues with libpng-1.5.
    (Thanks in part to Adam Ciarcinski for the contribution.)

-------------------------------------------------------------------
Thu Mar  3 12:07:53 CET 2011 - pgajdos@suse.cz

- updated to 0.6.5:
  * Fixed processing of PNG files with chunks of size 0.
  * Fixed a display error in the TIFF import.
  * Improved checking of the arguments of -f, -zc, -zm and -zs.
  * Removed quirks from the rangeset option argument syntax.

-------------------------------------------------------------------
Mon Aug 23 16:48:05 CEST 2010 - pgajdos@suse.cz

- updated to 0.6.4:
   + Added the option -nx.
   * Clarified the behavior of -nz and the relation between 
     -nz and -o0.
   + Added a filesystem check (resolving normalized paths, 
     symlinks, etc.) to better detect when the output overwrites 
     the input.

-------------------------------------------------------------------
Tue Apr  6 14:15:24 CEST 2010 - pgajdos@suse.cz

- build with libpng 1.4

-------------------------------------------------------------------
Tue May 19 15:23:16 CEST 2009 - pgajdos@suse.cz

- updated to 0.6.3
  * fixes memory reallocation vulnerability (patch removed)
  * fixes use-after-free vulnerability [bnc#505103]

-------------------------------------------------------------------
Wed Mar  4 10:41:58 CET 2009 - meissner@suse.de

- build with RPM_OPT_FLAGS

-------------------------------------------------------------------
Tue Feb 24 10:28:55 CET 2009 - pgajdos@suse.cz

- fixed security bug: memory reallocation vulnerability [bnc#479067]
  * reallocation-security.diff

-------------------------------------------------------------------
Tue Jan 13 17:43:09 CET 2009 - pgajdos@suse.cz

- update to 0.6.2
  * fixes CVE-2008-5101, patch removed`

-------------------------------------------------------------------
Tue Dec  2 12:00:29 CET 2008 - pgajdos@suse.cz

- fixes [bnc#447453] - optipng bmp buffer overflow
  CVE-2008-5101.patch

-------------------------------------------------------------------
Thu Jul 31 11:46:22 CEST 2008 - pgajdos@suse.cz

- updated to version 0.6.1:
 * Upgraded cexcept to version 2.0.1.
 + Added a configure script, to be used instead of unix-secure.mak.
 ! Fixed a build issue that occured when using libpng from the system.
 ! Fixed processing when image reduction yields an output larger than
   the original.  
 ! Fixed behavior of -preserve.
 - Removed displaying of partial progress when abandoning IDATs under
   the -v option.  The percentages displayed were not very accurate.

-------------------------------------------------------------------
Tue Jun 24 11:10:39 CEST 2008 - pgajdos@suse.cz

- updated to version 0.6:
  * Implemented grayscale(alpha)-to-palette reductions.
  * Improved conversion of bKGD info during RGB-to-palette reductions.
  * Fixed conversion of bKGD and tRNS during 16-to-8-bit reductions.
  * Added support for compressed BMP (incl. PNG-compressed BMP)
  * Improved the speed of reading raw PNM files.
  * Recognized PNG digital signatures (dSIG) and disabled optimization
    in their presence, to preserve their integrity.
  * Allowed the user to enforce the optimization of dSIG'ed files.
  * Recognized APNG animation files and disabled reductions to preserve
    their integrity.
  * Added the -snip option, to allow the user to "snip" one image out of
    a multi-image file, such as animated GIF, multi-page TIFF, or APNG.
  * Improved recovery of PNG files with incomplete IDAT.
  * Fixed a crash triggered by the use of -log on some platforms.
  * Fixed behavior of -out and -dir when the input is already optimized.
  * Provided more detailed image information at the start of processing.
  * Provided a more detailed summary at the end of processing, under the
    presence of the -v option and/or the occurence of exceptional events.
- added optipng-0.6.0.1.diff from upstream (building with system libs)

-------------------------------------------------------------------
Mon Sep 10 19:02:50 CEST 2007 - pgajdos@suse.cz

- package provides %optipng macro [#309087]
- removed DESTDIR=$RPM_BUILD_ROOT from %build phase

-------------------------------------------------------------------
Thu Feb  1 13:50:37 CET 2007 - dmueller@suse.de

- update to 0.5.5:
  * Used a previously-missed RGB-to-palette reduction opportunity
  * Fixed conversion of bKGD info during rgb-to-palette reductions.
  * Fixed pre-computation of iterations.
  * Fixed behavior of -out and -dir when changing interlacing.

-------------------------------------------------------------------
Sat Dec  2 07:06:40 CET 2006 - dmueller@suse.de

- add upstream patch to fix handling of true-color RGB images

-------------------------------------------------------------------
Wed Nov  8 23:48:20 CET 2006 - dmueller@suse.de

- Initial package (0.5.4)

openSUSE Build Service is sponsored by