Libpng 1.5.24 - November 12, 2015

This is a public release of libpng, intended for use in production codes.

Files available for download:

Source files with LF line endings (for Unix/Linux) and with a
"configure" script

  libpng-1.5.24.tar.xz (LZMA-compressed, recommended)
  libpng-1.5.24.tar.gz
  libpng-1.5.24.tar.bz2

Source files with CRLF line endings (for Windows), without the
"configure" script

  lpng1524.7z  (LZMA-compressed, recommended)
  lpng1524.zip

Other information:

  libpng-1.5.24-README.txt
  libpng-1.5.24-LICENSE.txt
  libpng-1.5.24-*.asc (armored detached GPG signatures)

Changes since the last public release (1.5.23):
 Avoid potentially dereferencing NULL info_ptr in png_info_init_3().
 Eliminated unused PNG_COST_SHIFT, PNG_WEIGHT_SHIFT, PNG_COST_FACTOR, and
   PNG_WEIGHT_FACTOR macros.
 Fixed potential leak of png_pixels in contrib/pngminus/pnm2png.c
 Fixed uninitialized variable in contrib/gregbook/rpng2-x.c
 Fixed some bad links in the man page.
 Safely convert num_bytes to a png_byte in png_set_sig_bytes() (Robert
   Seacord).
 Fixed the recently reported 1's complement security issue by replacing
   the value that is illegal in the PNG spec, in both signed and unsigned
   values, with 0. Illegal unsigned values (anything greater than or equal
   to  0x80000000) can still pass through, but since these are not illegal
   in ANSI-C (unlike 0x80000000 in the signed case) the checking that
   occurs later can catch them (John Bowler).
 Fixed png_save_int_32 when int is not 2's complement (John Bowler).
 Fixed byte order in png_do_read_filler() with 16-bit input (previously
   fixed in libpng-1.6.17 and 1.7.0beta46). Previously the high and
   low bytes of the filler, from png_set_filler() or from
   png_set_add_alpha(), were read in the wrong order.
 Merged pngvalid.c with version 1.6.19.
 Added sPLT support to pngtest.c
 Prevent writing over-length PLTE chunk (Cosmin Truta).
 Libpng incorrectly calculated the output rowbytes when the application
   decreased either the number of channels or the bit depth (or both) in
   a user transform.  This was safe; libpng overallocated buffer space
  (potentially by quite a lot; up to 4 times the amount required) but,
  from 1.5.4 on, resulted in a png_error (John Bowler).
 Silently truncate over-length PLTE chunk while reading.
 Fixed some inconsequential cut-and-paste typos in png_set_cHRM_XYZ_fixed().
 Clarified COPYRIGHT information to state explicitly that versions
   are derived from previous versions.
 Removed much of the long list of previous versions from png.h and
   libpng.3.

Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
https://lists.sourceforge.net/lists/listinfo/png-mng-implement
to subscribe)
or to glennrp at users.sourceforge.net

Glenn R-P

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.