[Bug 291266] graphics/png update to 1.6.52

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 291266] graphics/png update to 1.6.51"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 07 Dec 2025 12:37:33 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291266

--- Comment #23 from commit-hook@FreeBSD.org ---
A commit in branch 2025Q4 references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=b6cf7cefbe981400d989aa5f0d000e3b49f8ce50

commit b6cf7cefbe981400d989aa5f0d000e3b49f8ce50
Author:     Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2025-12-05 20:15:37 +0000
Commit:     Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2025-12-07 12:15:28 +0000

    graphics/png: security update to 1.6.52

    Note this isn't the offered patch from the PR, but one that
    instead puts the APNG patch version into a variable.

    Reported by:    FiLiS
    Approved by:    desktop@ (vishwin)
    PR:             291266
    MFH:            2025Q4 (after a few days)

    png -- Multiple vulnerabilities
    Security:       CVE-2025-64505
    Security:       CVE-2025-64506
    Security:       CVE-2025-64720
    Security:       CVE-2025-65018
    Security:       4b297f5a-cbad-11f0-ac9f-b42e991fc52e

    png -- Out-of-bounds read
    Security:       CVE-2025-66293
    Security:       f323f148-d181-11f0-841f-843a4b343614

    (cherry picked from commit f1bbe43c186c567cd96c0a5c6fd0c1a159accaf9)

 graphics/png/Makefile  |  7 ++++---
 graphics/png/distinfo  | 10 +++++-----
 graphics/png/pkg-plist |  2 +-
 3 files changed, 10 insertions(+), 9 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.