Download raw body.
[update] png 1.6.52
CVE-2025-66293 (CVSS 7.1, High): Out-of-bounds read in
png_image_read_composite when processing palette PNG images with
partial transparency and gamma correction.
ok ? (and also for -stable)
Index: Makefile
===================================================================
RCS file: /local/cvs/ports/graphics/png/Makefile,v
diff -u -p -u -r1.144 Makefile
--- Makefile 24 Nov 2025 21:23:35 -0000 1.144
+++ Makefile 4 Dec 2025 07:24:03 -0000
@@ -4,7 +4,7 @@
COMMENT= library for manipulating PNG images
-VERSION= 1.6.51
+VERSION= 1.6.52
DISTNAME= libpng-${VERSION}
PKGNAME= png-${VERSION}
CATEGORIES= graphics
Index: distinfo
===================================================================
RCS file: /local/cvs/ports/graphics/png/distinfo,v
diff -u -p -u -r1.73 distinfo
--- distinfo 24 Nov 2025 21:23:35 -0000 1.73
+++ distinfo 4 Dec 2025 07:24:03 -0000
@@ -1,2 +1,2 @@
-SHA256 (libpng-1.6.51.tar.xz) = oFCoktO0p7sBDDqVxzAeSWVtcqZPH8cJqQuK3tGSvtI=
-SIZE (libpng-1.6.51.tar.xz) = 1060772
+SHA256 (libpng-1.6.52.tar.xz) = Nr1yYijsk6O2wi/bSelKZ7FvL+mzm3i3y2V3KWZmHMw=
+SIZE (libpng-1.6.52.tar.xz) = 1063580
--
Matthieu Herrb
[update] png 1.6.52