summaryrefslogtreecommitdiffstats
path: root/src/3rdparty/libpng/README.trolltech
diff options
context:
space:
mode:
Diffstat (limited to 'src/3rdparty/libpng/README.trolltech')
-rw-r--r--src/3rdparty/libpng/README.trolltech15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/3rdparty/libpng/README.trolltech b/src/3rdparty/libpng/README.trolltech
new file mode 100644
index 000000000..d443f80e3
--- /dev/null
+++ b/src/3rdparty/libpng/README.trolltech
@@ -0,0 +1,15 @@
+This is libPNG 1.2.5, patched by Trolltech to fix a serious security vulnerability (CERT VU#388984)
+
+The patch is as follows:
+
+--- //depot/qt/3/src/3rdparty/libpng/pngrutil.c#4 Thu Aug 5 15:37:03 CEST 2004
++++ /home/dev/qt/3/src/3rdparty/libpng/pngrutil.c Thu Aug 5 15:37:03 CEST 2004
+@@ -1241,7 +1241,7 @@
+ /* Should be an error, but we can cope with it */
+ png_warning(png_ptr, "Missing PLTE before tRNS");
+ }
+- else if (length > (png_uint_32)png_ptr->num_palette)
++ if (length > (png_uint_32)png_ptr->num_palette)
+ {
+ png_warning(png_ptr, "Incorrect tRNS chunk length");
+ png_crc_finish(png_ptr, length);