[PATCH] libpng: Update to version 1.6.51

Tue, 02 Dec 2025 03:58:21 -0800 

- Update from version 1.6.50 to 1.6.51
- Update of rootfile
- Four CVE fixes
- Changelog
    1.6.51
          Fixed CVE-2025-64505 (moderate severity):
            Heap buffer overflow in `png_do_quantize` via malformed palette 
index.
            (Reported by Samsung; analyzed by Fabio Gritti.)
          Fixed CVE-2025-64506 (moderate severity):
            Heap buffer over-read in `png_write_image_8bit` with 8-bit input and
            `convert_to_8bit` enabled.
            (Reported by Samsung and <[email protected]>;
            analyzed by Fabio Gritti.)
          Fixed CVE-2025-64720 (high severity):
            Buffer overflow in `png_image_read_composite` via incorrect palette
            premultiplication.
            (Reported by Samsung; analyzed by John Bowler.)
          Fixed CVE-2025-65018 (high severity):
            Heap buffer overflow in `png_combine_row` triggered via
            `png_image_finish_read`.
            (Reported by <[email protected]>.)
          Fixed a memory leak in `png_set_quantize`.
            (Reported by Samsung; analyzed by Fabio Gritti.)
          Removed the experimental and incomplete ERROR_NUMBERS code.
            (Contributed by Tobias Stoeckmann.)
          Improved the RISC-V vector extension support; required RVV 1.0 or 
newer.
            (Contributed by Filip Wasil.)
          Added GitHub Actions workflows for automated testing.
          Performed various refactorings and cleanups.

Signed-off-by: Adolf Belka <[email protected]>
---
 config/rootfiles/common/libpng | 2 +-
 lfs/libpng                     | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/common/libpng b/config/rootfiles/common/libpng
index 5f3f801d5..9dfdef5c6 100644
--- a/config/rootfiles/common/libpng
+++ b/config/rootfiles/common/libpng
@@ -16,7 +16,7 @@ usr/lib/libpng.so
 #usr/lib/libpng16.la
 usr/lib/libpng16.so
 usr/lib/libpng16.so.16
-usr/lib/libpng16.so.16.50.0
+usr/lib/libpng16.so.16.51.0
 #usr/lib/pkgconfig/libpng.pc
 #usr/lib/pkgconfig/libpng16.pc
 #usr/share/man/man3/libpng.3
diff --git a/lfs/libpng b/lfs/libpng
index e181be4e3..545b3efef 100644
--- a/lfs/libpng
+++ b/lfs/libpng
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.6.50
+VER        = 1.6.51
 
 THISAPP    = libpng-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 
2191536b4448d3a058b9dbb31f3d780959c9daf7b104550cc89e8ae984a3c9f01b86bf6c6708983989b4bfbe7232e3716b8a3b8cd3313a12c31e0623b6241d11
+$(DL_FILE)_BLAKE2 = 
2d1ee36f9796e90a533abf26597df82c39cfab42f8d4044d35e0fdbab65612b9fc0234780677e2ea758450db9815b9d30870e8024bcebc0170c87361b7c4cc0a
 
 install : $(TARGET)
 
-- 
2.52.0

Reply via email to