diff --git a/ANNOUNCE b/ANNOUNCE index ceff23dd..fd09da0f 100644 --- a/ANNOUNCE +++ b/ANNOUNCE @@ -41,7 +41,9 @@ Other information: Changes since the last public release (1.2.57): version 1.2.58beta01 [August 7, 2017] - Added png_check_chunk_length() function. + Added png_check_chunk_length() function, and check all chunks except + IDAT against the default 8MB limit; check IDAT against the maximum + size computed from IHDR parameters. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/CHANGES b/CHANGES index a1a45f3c..914ab1ac 100644 --- a/CHANGES +++ b/CHANGES @@ -2930,7 +2930,9 @@ version 1.0.67 and 1.2.57 [December 29, 2016] and patch by Patrick Keshishian, CVE-2016-10087). version 1.2.58beta01 [August 7, 2017] - Added png_check_chunk_length() function. + Added png_check_chunk_length() function, and check all chunks except + IDAT against the default 8MB limit; check IDAT against the maximum + size computed from IHDR parameters. Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit diff --git a/pngpread.c b/pngpread.c index 1c716893..470bc889 100644 --- a/pngpread.c +++ b/pngpread.c @@ -1,7 +1,7 @@ /* pngpread.c - read a png file in push mode * - * Last changed in libpng 1.2.58 [%RDATE%] + * Last changed in libpng 1.2.58 [(PENDING RELEASE)] * Copyright (c) 1998-2002,2004,2006-2015,2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) diff --git a/pngrutil.c b/pngrutil.c index b535deaa..f1c36211 100644 --- a/pngrutil.c +++ b/pngrutil.c @@ -1,7 +1,7 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.2.58 [%RDATE%] + * Last changed in libpng 1.2.58 [(PENDING RELEASE)] * Copyright (c) 1998-2002,2004,2006-2015,2017 Glenn Randers-Pehrson * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.)