summaryrefslogtreecommitdiff
path: root/ANNOUNCE
diff options
context:
space:
mode:
Diffstat (limited to 'ANNOUNCE')
-rw-r--r--ANNOUNCE111
1 files changed, 68 insertions, 43 deletions
diff --git a/ANNOUNCE b/ANNOUNCE
index ecc043db1..9f198806f 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE
@@ -1,5 +1,5 @@
-Libpng 1.6.9 - February 6, 2014
+Libpng 1.6.10 - March 6, 2014
This is a public release of libpng, intended for use in production codes.
@@ -8,56 +8,80 @@ Files available for download:
Source files with LF line endings (for Unix/Linux) and with a
"configure" script
- libpng-1.6.9.tar.xz (LZMA-compressed, recommended)
- libpng-1.6.9.tar.gz
+ libpng-1.6.10.tar.xz (LZMA-compressed, recommended)
+ libpng-1.6.10.tar.gz
Source files with CRLF line endings (for Windows), without the
"configure" script
- lpng169.7z (LZMA-compressed, recommended)
- lpng169.zip
+ lpng1610.7z (LZMA-compressed, recommended)
+ lpng1610.zip
Other information:
- libpng-1.6.9-README.txt
- libpng-1.6.9-LICENSE.txt
- Gnupg/*.asc (PGP armored detached signatures)
+ libpng-1.6.10-README.txt
+ libpng-1.6.10-LICENSE.txt
+ libpng-1.6.10-*.asc (armored detached GPG signatures)
-Changes since the last public release (1.6.8):
- Bookkeeping: Moved functions around (no changes). Moved transform
- function definitions before the place where they are called so that
- they can be masde static. Move the intrapixel functions and the
- grayscale palette builder out of the png?tran.c files. The latter
- isn't a transform function and is no longer used internally, and the
- former MNG specific functions are better placed in pngread/pngwrite.c
- Made transform implementation functions static. This makes the internal
- functions called by png_do_{read|write}_transformations static. On an
- x86-64 DLL build (Gentoo Linux) this reduces the size of the text
- segment of the DLL by 1208 bytes, about 0.6%. It also simplifies
- maintenance by removing the declarations from pngpriv.h and allowing
- easier changes to the internal interfaces.
- Rebuilt configure scripts with automake-1.14.1 and autoconf-2.69
- in the tar distributions.
- Added checks for libpng 1.5 to pngvalid.c. This supports the use of
- this version of pngvalid in libpng 1.5
- Merged with pngvalid.c from libpng-1.7 changes to create a single
- pngvalid.c
- Removed #error macro from contrib/tools/pngfix.c (Thomas Klausner).
- Merged pngrio.c, pngtrans.c, pngwio.c, and pngerror.c with libpng-1.7.0
- Merged libpng-1.7.0 changes to make no-interlace configurations work
- with test programs.
- Revised pngvalid.c to support libpng 1.5, which does not support the
- PNG_MAXIMUM_INFLATE_WINDOW option, so #define it out when appropriate in
- pngvalid.c
- Allow unversioned links created on install to be disabled in configure.
- In configure builds 'make install' changes/adds links like png.h
- and libpng.a to point to the newly installed, versioned, files (e.g.
- libpng17/png.h and libpng17.a). Three new configure options and some
- rearrangement of Makefile.am allow creation of these links to be disabled.
- Removed potentially misleading warning from png_check_IHDR().
- Updated scripts/makefile.* to use CPPFLAGS (Cosmin).
- Added clang attribute support (Cosmin).
- Quiet an uninitialized memory warning from VC2013 in png_get_png().
+Changes since the last public release (1.6.9):
+ Backported changes from libpng-1.7.0beta30 and beta31:
+ Fixed a large number of instances where PNGCBAPI was omitted from
+ function definitions.
+ Added pngimage test program for png_read_png() and png_write_png()
+ with two new test scripts.
+ Removed dependence on !PNG_READ_EXPAND_SUPPORTED for calling
+ png_set_packing() in png_read_png().
+ Fixed combination of ~alpha with shift. On read invert alpha, processing
+ occurred after shift processing, which causes the final values to be
+ outside the range that should be produced by the shift. Reversing the
+ order on read makes the two transforms work together correctly and mirrors
+ the order used on write.
+ Do not read invalid sBIT chunks. Previously libpng only checked sBIT
+ values on write, so a malicious PNG writer could therefore cause
+ the read code to return an invalid sBIT chunk, which might lead to
+ application errors or crashes. Such chunks are now skipped (with
+ chunk_benign_error).
+ Make png_read_png() and png_write_png() prototypes in png.h depend
+ upon PNG_READ_SUPPORTED and PNG_WRITE_SUPPORTED.
+ Support builds with unsupported PNG_TRANSFORM_* values. All of the
+ PNG_TRANSFORM_* values are always defined in png.h and, because they
+ are used for both read and write in some cases, it is not reliable
+ to #if out ones that are totally unsupported. This change adds error
+ detection in png_read_image() and png_write_image() to do a
+ png_app_error() if the app requests something that cannot be done
+ and it adds corresponding code to pngimage.c to handle such options
+ by not attempting to test them.
+ Moved redefines of png_error(), png_warning(), png_chunk_error(),
+ and png_chunk_warning() from pngpriv.h to png.h to make them visible
+ to libpng-calling applications.
+ Moved OS dependent code from arm/arm_init.c, to allow the included
+ implementation of the ARM NEON discovery function to be set at
+ build-time and provide sample implementations from the current code in the
+ contrib/arm-neon subdirectory. The __linux__ code has also been changed to
+ compile and link on Android by using /proc/cpuinfo, and the old linux code
+ is in contrib/arm-neon/linux-auxv.c. The new code avoids POSIX and Linux
+ dependencies apart from opening /proc/cpuinfo and is C90 compliant.
+ Check for info_ptr == NULL early in png_read_end() so we don't need to
+ run all the png_handle_*() and depend on them to return if info_ptr == NULL.
+ This improves the performance of png_read_end(png_ptr, NULL) and makes
+ it more robust against future programming errors.
+ Check for __has_extension before using it in pngconf.h, to
+ support older Clang versions (Jeremy Sequoia).
+ Treat CRC error handling with png_set_crc_action(), instead of with
+ png_set_benign_errors(), which has been the case since libpng-1.6.0beta18.
+ Use a user warning handler in contrib/gregbook/readpng2.c instead of default,
+ so warnings will be put on stderr even if libpng has CONSOLE_IO disabled.
+ Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
+ after recognizing the IDAT chunk, which avoids an infinite loop while
+ reading a datastream whose first IDAT chunk is of zero-length.
+ This fixes CERT VU#684412 and CVE-2014-0333.
+ Don't recognize known sRGB profiles as sRGB if they have been hacked,
+ but don't reject them and don't issue a copyright violation warning.
+ Moved some documentation from png.h to libpng.3 and libpng-manual.txt
+ Minor editing of contrib/arm-neon/README and contrib/examples/*.c
+ Fixed typos in the manual and in scripts/pnglibconf.dfa (CFLAGS -> CPPFLAGS
+ and PNG_USR_CONFIG -> PNG_USER_CONFIG).
+ Un-deprecated png_data_freer().
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
@@ -66,3 +90,4 @@ to subscribe)
or to glennrp at users.sourceforge.net
Glenn R-P
+#endif
View Lorry Controller Status