From 9f1aa186e68fccb6293dfaeedbec956d151fadfb Mon Sep 17 00:00:00 2001
From: Glenn Randers-Pehrson <glennrp at users.sourceforge.net>
Date: Thu, 10 Apr 2014 16:46:35 -0500
Subject: [PATCH] [libpng16] Added two CVE numbers to the January 2013 entry in
 the CHANGES file.

---
 CHANGES | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index 38731b749..1f797add2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4345,8 +4345,9 @@ Version 1.6.0beta37 [January 10, 2013]
     programs to generate and test a PNG which should have the problem.
 
 Version 1.6.0beta39 [January 19, 2013]
-  Again corrected attempt at overflow detection in png_set_unknown_chunks().
-  Added overflow detection in png_set_sPLT() and png_set_text_2().
+  Again corrected attempt at overflow detection in png_set_unknown_chunks()
+  (CVE-2013-7353).  Added overflow detection in png_set_sPLT() and
+  png_set_text_2() (CVE-2013-7354).
 
 Version 1.6.0beta40 [January 20, 2013]
   Use consistent handling of overflows in text, sPLT and unknown png_set_* APIs
@@ -4895,8 +4896,9 @@ Version 1.6.11beta02 [April 6, 2014]
 Version 1.6.11beta03 [April 6, 2014]
   Fixed a typo in pngrutil.c, introduced in libpng-1.5.6, that interferes
     with "blocky" expansion of sub-8-bit interlaced PNG files (Eric Huss).
+  Optionally use  __builtin_bswap16() in png_do_swap().
 
-Version 1.6.11beta04 [April 6, 2014]
+Version 1.6.11beta04 [April 10, 2014]
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit