Hello community,
here is the log from the commit of package libpng16 for openSUSE:Factory
checked in at 2018-02-01 21:26:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libpng16 (Old)
and /work/SRC/openSUSE:Factory/.libpng16.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libpng16"
Thu Feb 1 21:26:04 2018 rev:37 rq:571330 version:1.6.34
Changes:
--------
--- /work/SRC/openSUSE:Factory/libpng16/libpng16.changes 2017-08-12
19:42:49.729133282 +0200
+++ /work/SRC/openSUSE:Factory/.libpng16.new/libpng16.changes 2018-02-01
21:26:05.706310202 +0100
@@ -1,0 +2,126 @@
+Wed Jan 31 09:57:56 UTC 2018 - pgaj...@suse.com
+
+- check with -j1
+
+-------------------------------------------------------------------
+Tue Jan 30 21:56:04 UTC 2018 - jeng...@inai.de
+
+- Fix SRPM group and grammar issues.
+
+-------------------------------------------------------------------
+Tue Jan 30 15:32:19 UTC 2018 - pgaj...@suse.com
+
+- removed obsoleted Obsoletes
+
+-------------------------------------------------------------------
+Sun Jan 28 02:00:45 UTC 2018 - avin...@opensuse.org
+
+- update to 1.6.34:
+ * Removed contrib/pngsuite/i*.png; some of these were incorrect
+ and caused test failures.
+- includes 1.6.33:
+ * Added PNGMINUS_UNUSED macro to contrib/pngminus/p*.c and added
+ missing parenthesis in contrib/pngminus/pnm2png.c
+ * Fixed off-by-one error in png_do_check_palette_indexes()
+ * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
+ to fix shortlived oss-fuzz issue 3234.
+ * Compute a larger limit on IDAT because some applications write
+ a deflate buffer for each row
+ * Use current date (DATE) instead of release-date (RDATE) in last
+ changed date of contrib/oss-fuzz files.
+ * Enabled ARM support in CMakeLists.txt
+ * Fixed incorrect typecast of some arguments to png_malloc() and
+ png_calloc() that were png_uint_32 instead of png_alloc_size_t
+ * Use pnglibconf.h.prebuilt when building for ANDROID with cmake
+ * Initialize memory allocated by png_inflate to zero, using
+ memset, to stop an oss-fuzz "use of uninitialized value"
+ detection in png_set_text_2() due to truncated iTXt or zTXt
+ chunk.
+ * Initialize memory allocated by png_read_buffer to zero, using
+ memset, to stop an oss-fuzz "use of uninitialized value"
+ detection in png_icc_check_tag_table() due to truncated iCCP
+ chunk.
+ * Removed redundant tests
+ * Added an interlaced version of each file in contrib/pngsuite.
+ * Relocate new memset() call in pngrutil.c
+ * Add support for loading images with associated alpha in the
+ Simplified API
+ * Revert contrib/oss-fuzz/libpng_read_fuzzer.cc to libpng-1.6.32
+ state
+ * Initialize png_handler.row_ptr in libpng_read_fuzzer.cc
+ * Add end_info structure and png_read_end() to the libpng fuzzer
+- includes 1.6.32:
+ * Avoid possible NULL dereference in png_handle_eXIf when
+ benign_errors are allowed. Avoid leaking the input buffer
+ "eXIf_buf".
+ * Eliminated png_ptr->num_exif member from pngstruct.h and added
+ num_exif to arguments for png_get_eXIf() and png_set_eXIf().
+ * Added calls to png_handle_eXIf(() in pngread.c and
+ png_write_eXIf() in pngwrite.c, and made various other fixes
+ to png_write_eXIf().
+ * Changed name of png_get_eXIF and png_set_eXIf() to
+ png_get_eXIf_1() and png_set_eXIf_1(), respectively, to avoid
+ breaking API compatibility with libpng-1.6.31.
+ * Updated contrib/libtests/pngunknown.c with eXIf chunk.
+ * Initialized btoa[] in pngstest.c
+ * Stop memory leak when returning from png_handle_eXIf() with an
+ error
+ * Replaced local eXIf_buf with info_ptr-eXIf_buf in png_handle_eXIf().
+ * Update libpng.3 and libpng-manual.txt about eXIf functions.
+ * Restored png_get_eXIf() and png_set_eXIf() to maintain API
+ compatability.
+ * Removed png_get_eXIf_1() and png_set_eXIf_1().
+ * Check length of all chunks except IDAT against user limit to
+ fix an OSS-fuzz issue (Fixes CVE-2017-12652)
+ * Check length of IDAT against maximum possible IDAT size,
+ accounting for height, rowbytes, interlacing and zlib/deflate
+ overhead.
+ * Restored png_get_eXIf_1() and png_set_eXIf_1(), because
+ strlen(eXIf_buf) does not work (the eXIf chunk data can
+ contain zeroes).
+ * Revised symlink creation, no longer using deprecated cmake
+ LOCATION feature
+ * Fixed five-byte error in the calculation of IDAT maximum
+ possible size.
+ * Moved chunk-length check into a png_check_chunk_length()
+ private function
+ * Moved bad pngs from tests to contrib/libtests/crashers
+ * Moved testing of bad pngs into a separate
+ tests/pngtest-badpngs script
+ * Added the --xfail (expected FAIL) option to pngtest.c. It
+ writes XFAIL in the output but PASS for the libpng test.
+ * Require cmake-3.0.2 in CMakeLists.txt
+ * Fix "const" declaration info_ptr argument to png_get_eXIf_1()
+ and the num_exif argument to png_get_eXIf_1()
+ * Added "eXIf" to "chunks_to_ignore[]" in png_set_keep_unknown_chunks().
+ * Added huge_IDAT.png and empty_ancillary_chunks.png to
+ testpngs/crashers.
+ * Make pngtest --strict, --relax, --xfail options imply -m
+ (multiple).
+ * Removed unused chunk_name parameter from png_check_chunk_length().
+ * Relocated setting free_me for eXIf data, to stop an OSS-fuzz'
+ leak.
+ * Initialize profile_header[] in png_handle_iCCP() to fix
+ OSS-fuzz issue.
+ * Initialize png_ptr->row_buf[0] to 255 in png_read_row() to fix
+ OSS-fuzz UMR.
+ * Attempt to fix a UMR in png_set_text_2() to fix OSS-fuzz issue.
+ * Increase minimum zlib stream from 9 to 14 in png_handle_iCCP(),
+ to account for the minimum 'deflate' stream, and relocate the
+ test to a point after the keyword has been read.
+ * Check that the eXIf chunk has at least 2 bytes and begins with
+ "II" or "MM".
+ * Added a set of "huge_xxxx_chunk.png" files to
+ contrib/testpngs/crashers, one for each known chunk type, with
+ length = 2GB-1.
+ * Check for 0 return from png_get_rowbytes() and added some
+ (size_t) typecasts in contrib/pngminus/*.c to stop some Coverity
+ issues (162705, 162706, and 162707).
+ * Renamed chunks in contrib/testpngs/crashers to avoid having
+ files whose names differ only in case; this causes problems with
+ some platforms
+ * Added contrib/oss-fuzz directory which contains files used by
+ the oss-fuzz project
+- cleanup with spec-cleaner
+
+-------------------------------------------------------------------
Old:
----
libpng-1.6.31.tar.xz
libpng-1.6.31.tar.xz.asc
New:
----
libpng-1.6.34.tar.xz
libpng-1.6.34.tar.xz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libpng16.spec ++++++
--- /var/tmp/diff_new_pack.7tqzgM/_old 2018-02-01 21:26:06.482273933 +0100
+++ /var/tmp/diff_new_pack.7tqzgM/_new 2018-02-01 21:26:06.486273746 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libpng16
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,67 +19,53 @@
#
%define major 1
%define minor 6
-%define micro 31
+%define micro 34
%define branch %{major}%{minor}
%define libname libpng%{branch}-%{branch}
-
+%define debug_package_requires %{libname} = %{version}-%{release}
Name: libpng16
-Url: http://www.libpng.org/pub/png/libpng.html
Version: %{major}.%{minor}.%{micro}
Release: 0
Summary: Library for the Portable Network Graphics Format (PNG)
License: Zlib
-Group: System/Libraries
+Group: Development/Libraries/C and C++
+Url: http://www.libpng.org/pub/png/libpng.html
Source0:
ftp://ftp.simplesystems.org/pub/png/src/libpng16/libpng-%{version}.tar.xz
Source1:
ftp://ftp.simplesystems.org/pub/png/src/libpng16/libpng-%{version}.tar.xz.asc
Source2: libpng16.keyring
Source3: rpm-macros.libpng-tools
Source4: baselibs.conf
-#BuildRequires: gpg-offline
BuildRequires: libtool
-BuildRequires: pkg-config
+BuildRequires: pkgconfig
BuildRequires: zlib-devel
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-%define debug_package_requires %{libname} = %{version}-%{release}
%package -n %{libname}
Summary: Library for the Portable Network Graphics Format (PNG)
-# bug437293
Group: System/Libraries
-%ifarch ppc64
-Obsoletes: libpng-64bit
-%endif
-#
-Obsoletes: libpng < %{version}
-Provides: libpng = %{version}-%{release}
%package devel
-Summary: Development Tools for applications which will use the Libpng
+Summary: Development tools for applications which will use libpng
Group: Development/Libraries/C and C++
Requires: %{libname} = %{version}
Requires: glibc-devel
-Requires: pkg-config
+Requires: pkgconfig
Requires: zlib-devel
Recommends: libpng%{branch}-compat-devel
-# bug437293
-%ifarch ppc64
-Obsoletes: libpng-devel-64bit
-%endif
#
%package compat-devel
-Summary: Development Tools for applications which will use the Libpng
+Summary: Development tools for applications which will use libpng
Group: Development/Libraries/C and C++
Requires: libpng%{branch}-devel = %{version}
+Conflicts: libpng-devel
Provides: libpng-devel = %{version}
Obsoletes: libpng-devel < 1.2.44
-Conflicts: otherproviders(libpng-devel)
%package tools
Summary: Tools for Manipulating PNG Images
Group: Productivity/Graphics/Other
+Conflicts: libpng-tools
Provides: libpng-tools = %{version}
-Conflicts: otherproviders(libpng-tools)
%description
libpng is the official reference library for the Portable Network
@@ -108,11 +94,11 @@
PNG files.
%prep
-%setup -n libpng-%{version}
+%setup -q -n libpng-%{version}
%build
# PNG_SAFE_LIMITS_SUPPORTED:
http://www.openwall.com/lists/oss-security/2015/01/10/1
-export CFLAGS="%optflags -O3 -DPNG_SAFE_LIMITS_SUPPORTED
-DPNG_SKIP_SETJMP_CHECK $(getconf LFS_CFLAGS)"
+export CFLAGS="%{optflags} -O3 -DPNG_SAFE_LIMITS_SUPPORTED
-DPNG_SKIP_SETJMP_CHECK $(getconf LFS_CFLAGS)"
export LDFLAGS="-Wl,-z,relro,-z,now"
%configure \
@@ -120,25 +106,22 @@
make %{?_smp_mflags}
%check
-make check
+make -j1 check
%install
-make install DESTDIR=$RPM_BUILD_ROOT
-rm $RPM_BUILD_ROOT/%{_libdir}/libpng*.la
+%make_install
+rm %{buildroot}/%{_libdir}/libpng*.la
mkdir -p %{buildroot}%{_sysconfdir}/rpm
cp -a %{SOURCE3} \
%{buildroot}%{_sysconfdir}/rpm/macros.libpng-tools
%post -n %{libname} -p /sbin/ldconfig
-
%postun -n %{libname} -p /sbin/ldconfig
%files -n %{libname}
-%defattr(-,root,root)
%{_libdir}/libpng%{branch}.so.*
%files devel
-%defattr(-,root,root)
%{_bindir}/libpng%{branch}-config
%{_includedir}/libpng%{branch}
%{_libdir}/libpng%{branch}.so
@@ -146,17 +129,15 @@
%doc CHANGES README TODO ANNOUNCE LICENSE libpng-*.txt
%files compat-devel
-%defattr(-,root,root)
%{_bindir}/libpng-config
%{_includedir}/*.h
%{_libdir}/libpng.so
%{_libdir}/pkgconfig/libpng.pc
-%doc %{_mandir}/man3/libpng.3.gz
-%doc %{_mandir}/man3/libpngpf.3.gz
-%doc %{_mandir}/man5/png.5.gz
+%{_mandir}/man3/libpng.3%{ext_man}
+%{_mandir}/man3/libpngpf.3%{ext_man}
+%{_mandir}/man5/png.5%{ext_man}
%files tools
-%defattr(-,root,root)
%{_bindir}/png-fix-itxt
%{_bindir}/pngfix
%{_sysconfdir}/rpm/macros.libpng-tools
++++++ libpng-1.6.31.tar.xz -> libpng-1.6.34.tar.xz ++++++
++++ 3154 lines of diff (skipped)
