[libpng16] Mention CERT VU#684412 and CVE-2014-0333 in CHANGES and ANNOUNCE.
This commit is contained in:
Glenn Randers-Pehrson
parent
2fff8078dc
commit
9f0ac8548b
1
ANNOUNCE
1
ANNOUNCE
@ -79,6 +79,7 @@ Version 1.6.10beta02 [February 23, 2014]
|
|||||||
Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
|
Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
|
||||||
after recognizing the IDAT chunk, which avoids an infinite loop while
|
after recognizing the IDAT chunk, which avoids an infinite loop while
|
||||||
reading a datastream whose first IDAT chunk is of zero-length.
|
reading a datastream whose first IDAT chunk is of zero-length.
|
||||||
|
This fixes CERT VU#684412 and CVE-2014-0333.
|
||||||
Don't recognize known sRGB profiles as sRGB if they have been hacked,
|
Don't recognize known sRGB profiles as sRGB if they have been hacked,
|
||||||
but don't reject them and don't issue a copyright violation warning.
|
but don't reject them and don't issue a copyright violation warning.
|
||||||
|
|
||||||
|
|||||||
1
CHANGES
1
CHANGES
@ -4853,6 +4853,7 @@ Version 1.6.10beta02 [February 23, 2014]
|
|||||||
Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
|
Added png_ptr->process_mode = PNG_READ_IDAT_MODE in png_push_read_chunk
|
||||||
after recognizing the IDAT chunk, which avoids an infinite loop while
|
after recognizing the IDAT chunk, which avoids an infinite loop while
|
||||||
reading a datastream whose first IDAT chunk is of zero-length.
|
reading a datastream whose first IDAT chunk is of zero-length.
|
||||||
|
This fixes CERT VU#684412 and CVE-2014-0333.
|
||||||
Don't recognize known sRGB profiles as sRGB if they have been hacked,
|
Don't recognize known sRGB profiles as sRGB if they have been hacked,
|
||||||
but don't reject them and don't issue a copyright violation warning.
|
but don't reject them and don't issue a copyright violation warning.
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user