stu1130 opened a new pull request #14620: [WIP][Dependency Update] Upgrade the libpng to 1.6.35 URL: https://github.com/apache/incubator-mxnet/pull/14620 ## Description ## Upgrade the libpng package to **1.6.35** due to following issues at 1.6.34. 1. [SEGV in function png_free_data](https://github.com/glennrp/libpng/issues/238) more on [link1](https://github.com/fouzhe/security/tree/master/libpng), [link2](http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html) 2. [Division by zero causes LibPNG to crash](https://sourceforge.net/p/libpng/bugs/278/) more on [link](https://www.cvedetails.com/cve/CVE-2018-13785/) Not that the latest stable version is **1.6.36** but have one memory leak issue [memory leak in png_create_info_struct](https://github.com/glennrp/libpng/issues/269) ## Checklist ## ### Essentials ### Please feel free to remove inapplicable items for your PR. - [ ] Test build with Ubuntu 14.04 - [ ] Test build with Ubuntu 16.04 ### Changes ### ## Comments ##
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services