On 25.05.2011 15:02, Andrey Chernov wrote:
There used to be concerns about security of animated PNG code, but today I can
> not find any advisories fresher than 2008:
>
> http://osvdb.org/show/osvdb/48766
Wrong place to find advisores related to subj. See
http://www.libpng.org/pub/png/libpng.html
page, right below yellow tables. Latest one fixed Feb 3 2011.
Your link has no information on ANIMATED png. The ANIMATED functionality has no
advisories since 2008...
> Various Mozilla applications will then be able to LIB_DEPEND on the installed
> png instead of building their own versions.
FYI: apng is quick hack to overcome animated gifs limitations and libpng
author is strongly against it, suggesting to use more flexible mng
instead:http://www.libpng.org/pub/mng
I have this information -- this was discussed (with your and my selves present)
back in 2008. But we are not going to change the way Mozilla projects are going
about this... Our options at this point are:
* continue building a private libpng as part of each Mozilla application -- a
silly redundancy of patches and waste of time and space;
* make a separate port (apng or mozilla-png) -- making sure, it does not
conflict with the "official" png;
* just turn the APNG option on by default in the existing png port...
I think, the third options is the easiest -- and it has NO downsides... Yours,
-mi
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
