New upstream release 1.6.37

.gitignore

@@ -24,3 +24,4 @@
 /libpng-1.6.34.tar.xz
 /libpng-1.6.35.tar.gz
 /libpng-1.6.36.tar.gz
+/libpng-1.6.37.tar.gz

libpng-CVE-2019-7317.patch

@@ -1,14 +0,0 @@
-diff --git a/png.c b/png.c
-index a25afeb..ff9da3f 100644
---- a/png.c
-+++ b/png.c
-@@ -4594,8 +4594,7 @@ png_image_free(png_imagep image)
-    if (image != NULL && image->opaque != NULL &&
-       image->opaque->error_buf == NULL)
-    {
--      /* Ignore errors here: */
--      (void)png_safe_execute(image, png_image_free_function, image);
-+      png_image_free_function(image);
-       image->opaque = NULL;
-    }
- }

libpng.spec

@@ -1,7 +1,7 @@
 Summary:       A library of functions for manipulating PNG image format files
 Name:          libpng
 Epoch:         2
-Version:       1.6.36
+Version:       1.6.37
 Release:       1%{?dist}
 License:       zlib
 URL:           http://www.libpng.org/pub/png/
@@ -10,7 +10,6 @@ Source0:       https://github.com/glennrp/%{name}/archive/v%{version}/%{name}-%{
 Source1:       pngusr.dfa
 Patch0:        libpng-multilib.patch
 Patch1:        libpng-fix-arm-neon.patch
-Patch2:        libpng-CVE-2019-7317.patch
 
 BuildRequires: gcc
 BuildRequires: zlib-devel
@@ -62,7 +61,6 @@ cp -p %{SOURCE1} .
 
 %patch0 -p1
 %patch1 -p1 -b .arm
-%patch2 -p1 -b .CVE-2019-7317
 
 %build
 autoreconf -vif
@@ -104,6 +102,9 @@ make check
 %{_bindir}/pngfix
 
 %changelog
+* Wed May 22 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.37-1
+- New upstream release 1.6.37
+
 * Wed Feb 27 2019 Debarshi Ray <rishi@fedoraproject.org> - 2:1.6.36-1
 - New upstream release 1.6.36
 

sources

@@ -1 +1 @@
-SHA512 (libpng-1.6.36.tar.gz) = aeb00b48347c9e84d31995b3fe7e40580029734aa8103d774eee5745f5ca1fd1fd91a15f32d492277ab94346e4e7f731ee9bfea1783f930094f9f87eb3d9397d
+SHA512 (libpng-1.6.37.tar.gz) = ccb3705c23b2724e86d072e2ac8cfc380f41fadfd6977a248d588a8ad57b6abe0e4155e525243011f245e98d9b7afbe2e8cc7fd4ff7d82fcefb40c0f48f88918