News and History of the PNG Development Group from 2012
Herein lie news items and historical stuff primarily of interest to the
Portable Network Graphics Development Group itself. Feel free to poke
around even if you're not a member, though. Note that some of the links,
particularly the older ones, are broken; in some cases this is explained by
later entries. Other links (CompuServe, tcg.arl.mil) have fallen prey to
reorganizations or upgrades; should they ever reappear, the entries below
will be updated as needed.
Keep in mind that this is history here...
- current - see here
- 27 September 2012 - libpng 1.5.13
is released with a fix for a potential crash
bug (specific to the 1.5 branch) when writing PNGs using the
png_set_filler() call to strip a filler channel. The release
also contains some minor fixes and cleanups.
- 10 July 2012 - libpng 1.5.12
(and 1.4.12, 1.2.50, and 1.0.60) is released with a
fix for a minor
(CVE-2012-3386) in Makefile.in
(used by configure). Only users who run make distcheck
are affected. (No non-build-related sources were changed in this
- 14 June 2012 - libpng 1.5.11
is released with minor cleanups.
- 2 May 2012 - zlib 1.2.7
is released with small fixes and two new features: the addition of "x"
(O_EXCL) and "e" (O_CLOEXEC) modes to
gzopen(), and a new (Windows-only) gzopen_w() function
for wide-character pathnames.
- 29 March 2012 - libpng 1.5.10
(and 1.4.11, 1.2.49, and 1.0.59) is released with a
fix for a serious
(This bug also was first "reported" as part of a Chromium release.)
- 18 February 2012 - libpng 1.5.9
(and 1.4.9, 1.2.47, and 1.0.57) is released with a
fix for a more serious
png_decompress_chunk(), which affects 32-bit systems.
(The bug, and a fix for it, was first published as part of Chromium
- 1 February 2012 - libpng 1.5.8
is released with a fix for a one-byte
png_formatted_warning(). This can cause a crash in certain
cases (e.g., Apple apps compiled with -fstack-protector), and
it could conceivably result in execution of hostile
code, though no exploit is currently known to exist. The bug
appears to have been introduced in libpng 1.5.4.
- 29 January 2012 - zlib 1.2.6
is released with a number of new features and improvements, particularly
in the gz* convenience functions for gzip streams and in the
low-level deflate functions.
Here are some related PNG pages at this site:
Last modified 27 January 2013.
Copyright © 1995-2013 Greg Roelofs.