Thursday 7th July 2011
Fedora Project
Updated libpng10 to 1.0.55 in Rawhide only, as there appears to be a regression in the Makefile regarding creation of libpng.sym that breaks the build; I patched that part of the Makefile back to the same as it was in 1.0.54 for this build
Fixed uninitialized memory read in png_format_buffer() (CVE-2011-2501, related to CVE-2004-0421)
Pass "" instead of '\0' to png_default_error() in png_err()
Check for up->location !PNG_AFTER_IDAT when writing unknown chunks before IDAT
Ported bug-fix in pngrtran.c from 1.5.3: when expanding a paletted image, always expand to RGBA if transparency is present
Check for integer overflow in png_set_rgb_to_gray()
Check for sCAL chunk too short
Local Packages
Updated libpng10 to 1.0.55 as per the Fedora version
Updated perl-File-HomeDir to 0.98:
Updating to Module::Install 1.01
If Win32::GetFolderPath returns a \\UNC type path, do not do the normal -d sanity check, as strange and unusual bugs may occur
Updated perl-Pod-Coverage-TrustPod to 0.100001:
Anchor the regex at both ends when matching symbols: /\A...\z/
Updated perl-XML-LibXML to 1.78:
Change t/02parse.t to test for the localized error message (CPAN RT#69248)
Fix the skip() and 'plan skip_all' syntax in t/06elements.t and t/49global_extent.t
Convert more test scripts from Test.pm to Test::More