libpng 1.6.57

git-svn-id: svn://tug.org/texlive/trunk/Build/source@78651 c570f23f-e606-0410-a88d-b1316a301751

Author: Akira Kakuto

libs/README

@@ -37,7 +37,7 @@ icu 78.2 - checked 21jan26
 libpaper 1.1.29 - checked 07jan24
   https://ftp.debian.org/debian/pool/main/libp/libpaper/
 
-libpng 1.6.56 - checked 26mar26
+libpng 1.6.57 - checked 10apr26
   https://sourceforge.net/projects/libpng/files/ - used by many
 
 lua 5.3.6 - checked 04oct20

libs/libpng/ChangeLog

@@ -1,3 +1,8 @@
+2026-04-10 Akira Kakuto  <kakuto@jcom.zaq.ne.jp>
+
+	Import libpng-1.6.57.
+	* version.ac: Adjust.
+
 2026-03-26 Akira Kakuto  <kakuto@jcom.zaq.ne.jp>
 
 	Import libpng-1.6.56.

libs/libpng/README

@@ -1,4 +1,4 @@
-	Building libpng-1.6.56 as part of the TL tree
+	Building libpng-1.6.57 as part of the TL tree
 	=============================================
 
 This directory libs/libpng/ uses a proxy Makefile.am to build the libpng library
@@ -14,4 +14,4 @@ copied to libs/libpng/configure.ac.
 =============================
 
 2009-07-23	Peter Breitenlohner <peb@mppmu.mpg.de>
-2026-03-26	Akira Kakuto <kakuto@jcom.zaq.ne.jp>
+2026-04-10	Akira Kakuto <kakuto@jcom.zaq.ne.jp>

libs/libpng/TLpatches/ChangeLog

@@ -1,3 +1,7 @@
+2026-04-10  Akira Kakuto <kakuto@jcom.zaq.ne.jp>
+
+	Import libpng-1.6.57.
+
 2026-03-26  Akira Kakuto <kakuto@jcom.zaq.ne.jp>
 
 	Import libpng-1.6.56.

libs/libpng/TLpatches/TL-Changes

@@ -1,5 +1,5 @@
-Changes applied to the libpng-1.6.56/ tree as obtained from:
-	https://sourceforge.net/projects/libpng/files/libpng16/1.6.56/
+Changes applied to the libpng-1.6.57/ tree as obtained from:
+	https://sourceforge.net/projects/libpng/files/libpng16/1.6.57/
 
 Copied:
 	scripts/pnglibconf.h.prebuilt -> pnglibconf.h

libs/libpng/configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.72 for libpng (TeX Live) 1.6.56.
+# Generated by GNU Autoconf 2.72 for libpng (TeX Live) 1.6.57.
 #
 # Report bugs to <tex-k@tug.org>.
 #
@@ -604,8 +604,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='libpng (TeX Live)'
 PACKAGE_TARNAME='libpng--tex-live-'
-PACKAGE_VERSION='1.6.56'
-PACKAGE_STRING='libpng (TeX Live) 1.6.56'
+PACKAGE_VERSION='1.6.57'
+PACKAGE_STRING='libpng (TeX Live) 1.6.57'
 PACKAGE_BUGREPORT='tex-k@tug.org'
 PACKAGE_URL=''
 
@@ -1342,7 +1342,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-'configure' configures libpng (TeX Live) 1.6.56 to adapt to many kinds of systems.
+'configure' configures libpng (TeX Live) 1.6.57 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1414,7 +1414,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of libpng (TeX Live) 1.6.56:";;
+     short | recursive ) echo "Configuration of libpng (TeX Live) 1.6.57:";;
    esac
   cat <<\_ACEOF
 
@@ -1534,7 +1534,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-libpng (TeX Live) configure 1.6.56
+libpng (TeX Live) configure 1.6.57
 generated by GNU Autoconf 2.72
 
 Copyright (C) 2023 Free Software Foundation, Inc.
@@ -1861,7 +1861,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by libpng (TeX Live) $as_me 1.6.56, which was
+It was created by libpng (TeX Live) $as_me 1.6.57, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -4829,7 +4829,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='libpng--tex-live-'
- VERSION='1.6.56'
+ VERSION='1.6.57'
 
 
 printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h
@@ -8130,7 +8130,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by libpng (TeX Live) $as_me 1.6.56, which was
+This file was extended by libpng (TeX Live) $as_me 1.6.57, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -8198,7 +8198,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-libpng (TeX Live) config.status 1.6.56
+libpng (TeX Live) config.status 1.6.57
 configured by $0, generated by GNU Autoconf 2.72,
   with options \\"\$ac_cs_config\\"
 

libs/libpng/libpng-src/ANNOUNCE

@@ -1,5 +1,5 @@
-libpng 1.6.56 - March 25, 2026
-==============================
+libpng 1.6.57 - April 8, 2026
+=============================
 
 This is a public release of libpng, intended for use in production code.
 
@@ -9,10 +9,10 @@ Files available for download
 
 Source files:
 
- * libpng-1.6.56.tar.xz (LZMA-compressed, recommended)
- * libpng-1.6.56.tar.gz (deflate-compressed)
- * lpng1656.7z (LZMA-compressed)
- * lpng1656.zip (deflate-compressed)
+ * libpng-1.6.57.tar.xz (LZMA-compressed, recommended)
+ * libpng-1.6.57.tar.gz (deflate-compressed)
+ * lpng1657.7z (LZMA-compressed)
+ * lpng1657.zip (deflate-compressed)
 
 Other information:
 
@@ -22,38 +22,18 @@ Other information:
  * TRADEMARK.md
 
 
-Changes from version 1.6.55 to version 1.6.56
+Changes from version 1.6.56 to version 1.6.57
 ---------------------------------------------
 
- * Fixed CVE-2026-33416 (high severity):
-   Use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`.
-   (Reported by Halil Oktay and Ryo Shimada;
-   fixed by Halil Oktay and Cosmin Truta.)
- * Fixed CVE-2026-33636 (high severity):
-   Out-of-bounds read/write in the palette expansion on ARM Neon.
-   (Reported by Taegu Ha; fixed by Taegu Ha and Cosmin Truta.)
- * Fixed uninitialized reads beyond `num_trans` in `trans_alpha` buffers.
-   (Contributed by Halil Oktay.)
- * Fixed stale `info_ptr->palette` after in-place gamma and background
-   transforms.
- * Fixed wrong channel indices in `png_image_read_and_map` RGB_ALPHA path.
-   (Contributed by Yuelin Wang.)
- * Fixed wrong background color in colormap read.
-   (Contributed by Yuelin Wang.)
- * Fixed dead loop in sPLT write.
-   (Contributed by Yuelin Wang.)
- * Added missing null pointer checks in four public API functions.
-   (Contributed by Yuelin Wang.)
- * Validated shift bit depths in `png_set_shift` to prevent infinite loop.
-   (Contributed by Yuelin Wang.)
- * Avoided undefined behavior in library and tests.
- * Deprecated the hardly-ever-tested POINTER_INDEXING config option.
- * Added negative-stride test coverage for the simplified API.
- * Fixed memory leaks and API misuse in oss-fuzz.
-   (Contributed by Owen Sanzas.)
- * Implemented various fixes and improvements in oss-fuzz.
-   (Contributed by Bob Friesenhahn and Philippe Antoine.)
- * Performed various refactorings and cleanups.
+ * Fixed CVE-2026-34757 (medium severity):
+   Use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST`
+   leading to corrupted chunk data and potential heap information disclosure.
+   Also hardened the append-style setters (`png_set_text`, `png_set_sPLT`,
+   `png_set_unknown_chunks`) against a theoretical variant of the same
+   aliasing pattern.
+   (Reported by Iv4n <Iv4n550@users.noreply.github.com>.)
+ * Fixed integer overflow in rowbytes computation in read transforms.
+   (Contributed by Mohammad Seet.)
 
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.

libs/libpng/libpng-src/AUTHORS

@@ -27,6 +27,7 @@ Authors, for copyright and licensing purposes.
  * Mans Rullgard
  * Matt Sarett
  * Mike Klein
+ * Mohammad Seet
  * Pascal Massimino
  * Paul Schmidt
  * Petr Simecek

libs/libpng/libpng-src/CHANGES

@@ -6368,6 +6368,17 @@ Version 1.6.56 [March 25, 2026]
     (Contributed by Bob Friesenhahn and Philippe Antoine.)
   Performed various refactorings and cleanups.
 
+Version 1.6.57 [April 8, 2026]
+  Fixed CVE-2026-34757 (medium severity):
+    Use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST`
+    leading to corrupted chunk data and potential heap information disclosure.
+    Also hardened the append-style setters (`png_set_text`, `png_set_sPLT`,
+    `png_set_unknown_chunks`) against a theoretical variant of the same
+    aliasing pattern.
+    (Reported by Iv4n <Iv4n550@users.noreply.github.com>.)
+  Fixed integer overflow in rowbytes computation in read transforms.
+    (Contributed by Mohammad Seet.)
+
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
 Subscription is required; visit
 <https://lists.sourceforge.net/lists/listinfo/png-mng-implement>

libs/libpng/libpng-src/CMakeLists.txt

@@ -18,7 +18,7 @@ cmake_minimum_required(VERSION 3.14...4.2)
 
 set(PNGLIB_MAJOR 1)
 set(PNGLIB_MINOR 6)
-set(PNGLIB_REVISION 56)
+set(PNGLIB_REVISION 57)
 set(PNGLIB_SUBREVISION 0)
 #set(PNGLIB_SUBREVISION "git")
 set(PNGLIB_VERSION ${PNGLIB_MAJOR}.${PNGLIB_MINOR}.${PNGLIB_REVISION})
@@ -624,6 +624,9 @@ set(pngvalid_sources
 set(pngstest_sources
     contrib/libtests/pngstest.c
 )
+set(pnggetset_sources
+    contrib/libtests/pnggetset.c
+)
 set(pngunknown_sources
     contrib/libtests/pngunknown.c
 )
@@ -786,6 +789,15 @@ if(PNG_TESTS AND PNG_SHARED)
                COMMAND pngtest
                FILES "${TEST_PNG3_PNGS}")
 
+  # pnggetset test:
+  # Getter-to-setter roundtrips for various chunk types.
+  add_executable(pnggetset ${pnggetset_sources})
+  target_link_libraries(pnggetset
+                        PRIVATE png_shared)
+
+  png_add_test(NAME pnggetset
+               COMMAND pnggetset)
+
   # pngvalid tests:
   # Internal validation of standard and progressive reading,
   # transforms, and gamma handling.