| |
| Libpng 1.5.25 - December 3, 2015 |
| |
| This is a public release of libpng, intended for use in production codes. |
| |
| Files available for download: |
| |
| Source files with LF line endings (for Unix/Linux) and with a |
| "configure" script |
| |
| libpng-1.5.25.tar.xz (LZMA-compressed, recommended) |
| libpng-1.5.25.tar.gz |
| |
| Source files with CRLF line endings (for Windows), without the |
| "configure" script |
| |
| lpng1525.7z (LZMA-compressed, recommended) |
| lpng1525.zip |
| |
| Other information: |
| |
| libpng-1.5.25-README.txt |
| libpng-1.5.25-LICENSE.txt |
| libpng-1.5.25-*.asc (armored detached GPG signatures) |
| |
| Changes since the last public release (1.5.24): |
| |
| Avoid potential pointer overflow in png_handle_iTXt(), png_handle_zTXt(), |
| png_handle_sPLT(), and png_handle_pCAL() (Bug report by John Regehr). |
| Fixed incorrect implementation of png_set_PLTE() that uses png_ptr |
| not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 |
| vulnerability. |
| Backported tests from libpng-1.7.0beta69. |
| |
| Send comments/corrections/commendations to png-mng-implement at lists.sf.net |
| (subscription required; visit |
| https://lists.sourceforge.net/lists/listinfo/png-mng-implement |
| to subscribe) |
| or to glennrp at users.sourceforge.net |
| |
| Glenn R-P |
