commit | c76f557eefa2ce1f17ecd948186a1fb3dc4d2ba3 | [log] [tgz] |
---|---|---|
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | Thu Dec 03 18:48:07 2015 -0300 |
committer | Peter Korsgaard <peter@korsgaard.com> | Fri Dec 04 22:02:01 2015 +0100 |
tree | 643b3e5cad91f4162737232d8aa713fa6947e35a | |
parent | c0c568ddd6e731d89c7ed708ca17079c31f42b36 [diff] |
libpng: security bump to version 1.6.20 Fixes: CVE-2015-8126 - incorrect implementation of png_set_PLTE() that uses png_ptr not info_ptr, that left png_set_PLTE() open to this vuln. (fix in previous release was incomplete) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 371e2f7f3c2f66eadba91e5d33c32f462f9691b7)