ANNOUNCE - third_party/libpng - Git at Google

 libpng 1.6.57.git
 =================

 This is a development version, not intended to be a public release.
 It will be replaced by a public release, or by another development
 version, at a later time.


 libpng 1.6.56 - March 25, 2026
 ==============================

 This is a public release of libpng, intended for use in production code.


 Files available for download
 ----------------------------

 Source files:

  * libpng-1.6.56.tar.xz (LZMA-compressed, recommended)
  * libpng-1.6.56.tar.gz (deflate-compressed)
  * lpng1656.7z (LZMA-compressed)
  * lpng1656.zip (deflate-compressed)

 Other information:

  * README.md
  * LICENSE.md
  * AUTHORS.md
  * TRADEMARK.md


 Changes from version 1.6.55 to version 1.6.56
 ---------------------------------------------

  * Fixed CVE-2026-33416 (high severity):
    Use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`.
    (Reported by Halil Oktay and Ryo Shimada;
    fixed by Halil Oktay and Cosmin Truta.)
  * Fixed CVE-2026-33636 (high severity):
    Out-of-bounds read/write in the palette expansion on ARM Neon.
    (Reported by Taegu Ha; fixed by Taegu Ha and Cosmin Truta.)
  * Fixed uninitialized reads beyond `num_trans` in `trans_alpha` buffers.
    (Contributed by Halil Oktay.)
  * Fixed stale `info_ptr->palette` after in-place gamma and background
    transforms.
  * Fixed wrong channel indices in `png_image_read_and_map` RGB_ALPHA path.
    (Contributed by Yuelin Wang.)
  * Fixed wrong background color in colormap read.
    (Contributed by Yuelin Wang.)
  * Fixed dead loop in sPLT write.
    (Contributed by Yuelin Wang.)
  * Added missing null pointer checks in four public API functions.
    (Contributed by Yuelin Wang.)
  * Validated shift bit depths in `png_set_shift` to prevent infinite loop.
    (Contributed by Yuelin Wang.)
  * Avoided undefined behavior in library and tests.
  * Deprecated the hardly-ever-tested POINTER_INDEXING config option.
  * Added negative-stride test coverage for the simplified API.
  * Fixed memory leaks and API misuse in oss-fuzz.
    (Contributed by Owen Sanzas.)
  * Implemented various fixes and improvements in oss-fuzz.
    (Contributed by Bob Friesenhahn and Philippe Antoine.)
  * Performed various refactorings and cleanups.


 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
 Subscription is required; visit
 <https://lists.sourceforge.net/lists/listinfo/png-mng-implement>
 to subscribe.
	libpng 1.6.57.git
	=================

	This is a development version, not intended to be a public release.
	It will be replaced by a public release, or by another development
	version, at a later time.


	libpng 1.6.56 - March 25, 2026
	==============================

	This is a public release of libpng, intended for use in production code.


	Files available for download
	----------------------------

	Source files:

	* libpng-1.6.56.tar.xz (LZMA-compressed, recommended)
	* libpng-1.6.56.tar.gz (deflate-compressed)
	* lpng1656.7z (LZMA-compressed)
	* lpng1656.zip (deflate-compressed)

	Other information:

	* README.md
	* LICENSE.md
	* AUTHORS.md
	* TRADEMARK.md


	Changes from version 1.6.55 to version 1.6.56
	---------------------------------------------

	* Fixed CVE-2026-33416 (high severity):
	Use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`.
	(Reported by Halil Oktay and Ryo Shimada;
	fixed by Halil Oktay and Cosmin Truta.)
	* Fixed CVE-2026-33636 (high severity):
	Out-of-bounds read/write in the palette expansion on ARM Neon.
	(Reported by Taegu Ha; fixed by Taegu Ha and Cosmin Truta.)
	* Fixed uninitialized reads beyond `num_trans` in `trans_alpha` buffers.
	(Contributed by Halil Oktay.)
	* Fixed stale `info_ptr->palette` after in-place gamma and background
	transforms.
	* Fixed wrong channel indices in `png_image_read_and_map` RGB_ALPHA path.
	(Contributed by Yuelin Wang.)
	* Fixed wrong background color in colormap read.
	(Contributed by Yuelin Wang.)
	* Fixed dead loop in sPLT write.
	(Contributed by Yuelin Wang.)
	* Added missing null pointer checks in four public API functions.
	(Contributed by Yuelin Wang.)
	* Validated shift bit depths in `png_set_shift` to prevent infinite loop.
	(Contributed by Yuelin Wang.)
	* Avoided undefined behavior in library and tests.
	* Deprecated the hardly-ever-tested POINTER_INDEXING config option.
	* Added negative-stride test coverage for the simplified API.
	* Fixed memory leaks and API misuse in oss-fuzz.
	(Contributed by Owen Sanzas.)
	* Implemented various fixes and improvements in oss-fuzz.
	(Contributed by Bob Friesenhahn and Philippe Antoine.)
	* Performed various refactorings and cleanups.


	Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
	Subscription is required; visit
	<https://lists.sourceforge.net/lists/listinfo/png-mng-implement>
	to subscribe.