blob: 83bf76ebbdb201eb48fb0d851ed93af6807c6e32 [file] [log] [blame]
libpng 1.6.38.git
This is a development version, not intended to be a public release.
It will be replaced by a public release, or by another development
version, at a later time.
libpng 1.6.37 - April 14, 2019
This is a public release of libpng, intended for use in production code.
Files available for download
Source files with LF line endings (for Unix/Linux):
* libpng-1.6.37.tar.xz (LZMA-compressed, recommended)
* libpng-1.6.37.tar.gz
Source files with CRLF line endings (for Windows):
* lp1637.7z (LZMA-compressed, recommended)
Other information:
Changes since the previous public release (version 1.6.36)
* Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
* Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
* Fixed a memory leak in pngtest.c.
* Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
contrib/pngminus; refactor.
* Changed the license of contrib/pngminus to MIT; refresh makefile and docs.
(Contributed by Willem van Schaik)
* Fixed a typo in the libpng license v2.
(Contributed by Miguel Ojeda)
* Added makefiles for AddressSanitizer-enabled builds.
* Cleaned up various makefiles.
Send comments/corrections/commendations to png-mng-implement at
Subscription is required; visit
to subscribe.