[libpng16] Fixed a syntax error in tests/pngstest that some shells other than

bash could not parse (Bug report by Nelson Beebe).

ANNOUNCE

@@ -1,47 +1,33 @@
-Libpng 1.6.20 - December 3, 2015
+Libpng 1.6.21beta01 - December 9, 2015
 
-This is a public release of libpng, intended for use in production codes.
+This is not intended to be a public release.  It will be replaced
+within a few weeks by a public version or by another test version.
 
 Files available for download:
 
 Source files with LF line endings (for Unix/Linux) and with a
 "configure" script
 
-   libpng-1.6.20.tar.xz (LZMA-compressed, recommended)
+   1.6.21beta01.tar.xz (LZMA-compressed, recommended)
-   libpng-1.6.20.tar.gz
+   1.6.21beta01.tar.gz
 
 Source files with CRLF line endings (for Windows), without the
 "configure" script
 
-   /scratch/glennrp/Libpng16/lpng1620.7z  (LZMA-compressed, recommended)
+   /scratch/glennrp/Libpng16/lp1621b01.7z  (LZMA-compressed, recommended)
-   /scratch/glennrp/Libpng16/lpng1620.zip
+   /scratch/glennrp/Libpng16/lp1621b01.zip
 
 Other information:
 
-   libpng-1.6.20-README.txt
+   1.6.21beta01-README.txt
-   libpng-1.6.20-LICENSE.txt
+   1.6.21beta01-LICENSE.txt
-   libpng-1.6.20-*.asc (armored detached GPG signatures)
+   libpng-1.6.21beta01-*.asc (armored detached GPG signatures)
 
-Changes since the last public release (1.6.19):
+Changes since the last public release (1.6.20):
-  Avoid potential pointer overflow/underflow in png_handle_sPLT() and
+
-    png_handle_pCAL() (Bug report by John Regehr).
+Version 1.6.21beta01 [December 9, 2015]
-  Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
+  Fixed a syntax error in tests/pngstest that some shells other than
-    not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
+    bash could not parse (Bug report by Nelson Beebe).
-    vulnerability.
-  Backported tests from libpng-1.7.0beta69.
-  Fixed an error in handling of bad zlib CMINFO field in pngfix, found by
-    American Fuzzy Lop, reported by Brian Carpenter.  inflate() doesn't
-    immediately fault a bad CMINFO field; instead a 'too far back' error
-    happens later (at least some times).  pngfix failed to limit CMINFO to
-    the allowed values but then assumed that window_bits was in range,
-    triggering an assert. The bug is mostly harmless; the PNG file cannot
-    be fixed.
-  In libpng 1.6 zlib initialization was changed to use the window size
-    in the zlib stream, not a fixed value. This causes some invalid images,
-    where CINFO is too large, to display 'correctly' if the rest of the
-    data is valid.  This provides a workaround for zlib versions where the
-    error arises (ones that support the API change to use the window size
-    in the stream).
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

CHANGES

@@ -5421,7 +5421,7 @@ Version 1.6.20beta01 [November 20, 2015]
 Version 1.6.20beta02 [November 23, 2015]
   Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
     not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
-    vulnerability.
+    vulnerability.  Fixes CVE-2015-8472.
 
 Version 1.6.20beta03 [November 24, 2015]
   Backported tests from libpng-1.7.0beta69.
@@ -5446,6 +5446,10 @@ Version 1.6.20rc02 [November 29, 2015]
 Version 1.6.20 [December 3, 2015]
   No changes.
 
+Version 1.6.21beta01 [December 9, 2015]
+  Fixed a syntax error in tests/pngstest that some shells other than
+    bash could not parse (Bug report by Nelson Beebe).
+
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit
 https://lists.sourceforge.net/lists/listinfo/png-mng-implement

tests/pngstest

@@ -17,7 +17,8 @@ gamma="$1"
 shift
 alpha="$1"
 shift
-exec ./pngstest --tmpfile "${gamma}-${alpha}-" --log ${1+"$@"} $(
+exec ./pngstest --tmpfile "${gamma}-${alpha}-" --log ${1+"$@"}
+(
    for f in "${srcdir}/contrib/testpngs/"*.png
    do
       g=