From 15bfc8d020a50a3be7b32e448fce15c896466f65 Mon Sep 17 00:00:00 2001 From: CBL-Mariner Servicing Account Date: Fri, 8 May 2026 21:38:01 +0000 Subject: [PATCH 1/2] Upgrade libpng to 1.6.58 for a regression introduced in version 1.6.56 that caused to return stale palette data after applying gamma and background transforms in-place --- SPECS/libpng/libpng.signatures.json | 2 +- SPECS/libpng/libpng.spec | 5 ++++- cgmanifest.json | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/SPECS/libpng/libpng.signatures.json b/SPECS/libpng/libpng.signatures.json index 52b1000f829..365b254a057 100644 --- a/SPECS/libpng/libpng.signatures.json +++ b/SPECS/libpng/libpng.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libpng-1.6.57.tar.xz": "d10c20d7171569804cae8dfc13ba6dcd0662c41ed39d43d4d429314aafb10a80" + "libpng-1.6.58.tar.xz": "28eb403f51f0f7405249132cecfe82ea5c0ef97f1b32c5a65828814ae0d34775" } } diff --git a/SPECS/libpng/libpng.spec b/SPECS/libpng/libpng.spec index 85eda53239e..60d632aee59 100644 --- a/SPECS/libpng/libpng.spec +++ b/SPECS/libpng/libpng.spec @@ -1,6 +1,6 @@ Summary: contains libraries for reading and writing PNG files. Name: libpng -Version: 1.6.57 +Version: 1.6.58 Release: 1%{?dist} License: zlib Vendor: Microsoft Corporation @@ -57,6 +57,9 @@ make %{?_smp_mflags} -k check %{_mandir}/man3/* %changelog +* Fri May 08 2026 CBL-Mariner Servicing Account - 1.6.58-1 +- Auto-upgrade to 1.6.58 - for a regression introduced in version 1.6.56 that caused to return stale palette data after applying gamma and background transforms in-place + * Sat Apr 11 2026 CBL-Mariner Servicing Account - 1.6.57-1 - Auto-upgrade to 1.6.57 - for CVE-2026-34757 diff --git a/cgmanifest.json b/cgmanifest.json index 2ab45fc853c..3f86ed29a36 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -10911,8 +10911,8 @@ "type": "other", "other": { "name": "libpng", - "version": "1.6.57", - "downloadUrl": "https://downloads.sourceforge.net/libpng/libpng-1.6.57.tar.xz" + "version": "1.6.58", + "downloadUrl": "https://downloads.sourceforge.net/libpng/libpng-1.6.58.tar.xz" } } }, From c17b0e56c4d7f9086e1d49f6056b77daf7f41de9 Mon Sep 17 00:00:00 2001 From: Kanishk Bansal <103916909+Kanishk-Bansal@users.noreply.github.com> Date: Sat, 9 May 2026 03:11:42 +0530 Subject: [PATCH 2/2] Correct changelog entry formatting for libpng Fixed formatting of the changelog entry for version 1.6.58. --- SPECS/libpng/libpng.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/SPECS/libpng/libpng.spec b/SPECS/libpng/libpng.spec index 60d632aee59..005c08b883a 100644 --- a/SPECS/libpng/libpng.spec +++ b/SPECS/libpng/libpng.spec @@ -58,7 +58,8 @@ make %{?_smp_mflags} -k check %changelog * Fri May 08 2026 CBL-Mariner Servicing Account - 1.6.58-1 -- Auto-upgrade to 1.6.58 - for a regression introduced in version 1.6.56 that caused to return stale palette data after applying gamma and background transforms in-place +- Auto-upgrade to 1.6.58 - for a regression introduced in version 1.6.56 that caused + to return stale palette data after applying gamma and background transforms in-place * Sat Apr 11 2026 CBL-Mariner Servicing Account - 1.6.57-1 - Auto-upgrade to 1.6.57 - for CVE-2026-34757