blob: fb6eee581ac07eec32f9fd834d80f678dd898141 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
libpng 1.6.54 - January 12, 2026
================================
This is a public release of libpng, intended for use in production code.
Files available for download
----------------------------
Source files:
* libpng-1.6.54.tar.xz (LZMA-compressed, recommended)
* libpng-1.6.54.tar.gz (deflate-compressed)
* lpng1654.7z (LZMA-compressed)
* lpng1654.zip (deflate-compressed)
Other information:
* README.md
* LICENSE.md
* AUTHORS.md
* TRADEMARK.md
Changes from version 1.6.53 to version 1.6.54
---------------------------------------------
* Fixed CVE-2026-22695 (medium severity):
Heap buffer over-read in `png_image_read_direct_scaled.
(Reported and fixed by Petr Simecek.)
* Fixed CVE-2026-22801 (medium severity):
Integer truncation causing heap buffer over-read in `png_image_write_*`.
* Implemented various improvements in oss-fuzz.
(Contributed by Philippe Antoine.)
Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
Subscription is required; visit
https://lists.sourceforge.net/lists/listinfo/png-mng-implement
to subscribe.
|
