rpms/libpng
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c10
rpms:c9
rpms:c8s
rpms:c10s
rpms:c9-beta
rpms:c8-beta
rpms:c9s
rpms:imports/c8/libpng-1.6.34-9.el8_10
rpms:imports/c10/libpng-1.6.40-8.el10_1.1
rpms:imports/c9/libpng-1.6.37-12.el9_7.1
rpms:imports/c10/libpng-1.6.40-8.el10_0
rpms:imports/c10s/libpng-1.6.40-8.el10
rpms:imports/c10s/libpng-1.6.40-7.el10
rpms:imports/c10s/libpng-1.6.40-4.el10
rpms:imports/c9/libpng-1.6.37-12.el9
rpms:imports/c9-beta/libpng-1.6.37-12.el9
rpms:imports/c8-beta/libpng-1.6.34-5.el8
rpms:imports/c8/libpng-1.6.34-5.el8
...
pull from: rpms:c9-beta
Branches Tags
rpms:c8
rpms:c10
rpms:c9
rpms:c8s
rpms:c10s
rpms:c9-beta
rpms:c8-beta
rpms:c9s
rpms:imports/c8/libpng-1.6.34-9.el8_10
rpms:imports/c10/libpng-1.6.40-8.el10_1.1
rpms:imports/c9/libpng-1.6.37-12.el9_7.1
rpms:imports/c10/libpng-1.6.40-8.el10_0
rpms:imports/c10s/libpng-1.6.40-8.el10
rpms:imports/c10s/libpng-1.6.40-7.el10
rpms:imports/c10s/libpng-1.6.40-4.el10
rpms:imports/c9/libpng-1.6.37-12.el9
rpms:imports/c9-beta/libpng-1.6.37-12.el9
rpms:imports/c8-beta/libpng-1.6.34-5.el8
rpms:imports/c8/libpng-1.6.34-5.el8

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

10 changed files with 69 additions and 433 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/libpng-1.6.34.tar.xz
SOURCES/libpng-1.6.37.tar.gz

2
.libpng.metadata
View File

@ -1 +1 @@
45de4ec996ffcc3e18037e7c128abe95f4d0292a SOURCES/libpng-1.6.34.tar.xz
1aac0e12aa5b583f736fb6692f47dff7a3efa78b SOURCES/libpng-1.6.37.tar.gz

69
SOURCES/libpng-1.6-CVE-2025-64720.patch
View File

@ -1,69 +0,0 @@
diff --git a/pngrtran.c b/pngrtran.c
index 548780030a..2f52022551 100644
--- a/pngrtran.c
+++ b/pngrtran.c
@@ -1781,19 +1781,51 @@ png_init_read_transformations(png_structrp png_ptr)
}
else /* if (png_ptr->trans_alpha[i] != 0xff) */
{
- png_byte v, w;
-
- v = png_ptr->gamma_to_1[palette[i].red];
- png_composite(w, v, png_ptr->trans_alpha[i], back_1.red);
- palette[i].red = png_ptr->gamma_from_1[w];
-
- v = png_ptr->gamma_to_1[palette[i].green];
- png_composite(w, v, png_ptr->trans_alpha[i], back_1.green);
- palette[i].green = png_ptr->gamma_from_1[w];
-
- v = png_ptr->gamma_to_1[palette[i].blue];
- png_composite(w, v, png_ptr->trans_alpha[i], back_1.blue);
- palette[i].blue = png_ptr->gamma_from_1[w];
+ if ((png_ptr->flags & PNG_FLAG_OPTIMIZE_ALPHA) != 0)
+ {
+ /* Premultiply only:
+ * component = round((component * alpha) / 255)
+ */
+ png_uint_32 component;
+
+ component = png_ptr->gamma_to_1[palette[i].red];
+ component =
+ (component * png_ptr->trans_alpha[i] + 128) / 255;
+ palette[i].red = png_ptr->gamma_from_1[component];
+
+ component = png_ptr->gamma_to_1[palette[i].green];
+ component =
+ (component * png_ptr->trans_alpha[i] + 128) / 255;
+ palette[i].green = png_ptr->gamma_from_1[component];
+
+ component = png_ptr->gamma_to_1[palette[i].blue];
+ component =
+ (component * png_ptr->trans_alpha[i] + 128) / 255;
+ palette[i].blue = png_ptr->gamma_from_1[component];
+ }
+ else
+ {
+ /* Composite with background color:
+ * component =
+ * alpha * component + (1 - alpha) * background
+ */
+ png_byte v, w;
+
+ v = png_ptr->gamma_to_1[palette[i].red];
+ png_composite(w, v,
+ png_ptr->trans_alpha[i], back_1.red);
+ palette[i].red = png_ptr->gamma_from_1[w];
+
+ v = png_ptr->gamma_to_1[palette[i].green];
+ png_composite(w, v,
+ png_ptr->trans_alpha[i], back_1.green);
+ palette[i].green = png_ptr->gamma_from_1[w];
+
+ v = png_ptr->gamma_to_1[palette[i].blue];
+ png_composite(w, v,
+ png_ptr->trans_alpha[i], back_1.blue);
+ palette[i].blue = png_ptr->gamma_from_1[w];
+ }
}
}
else

25
SOURCES/libpng-1.6-CVE-2025-65018_p1of2.patch
View File

@ -1,25 +0,0 @@
diff --git a/pngread.c b/pngread.c
index 212afb7d21..92571ec335 100644
--- a/pngread.c
+++ b/pngread.c
@@ -4040,6 +4040,20 @@ png_image_finish_read(png_imagep image, png_const_colorp background,
int result;
png_image_read_control display;
+ /* Reject bit depth mismatches to avoid buffer overflows. */
+ png_uint_32 ihdr_bit_depth =
+ image->opaque->png_ptr->bit_depth;
+ int requested_linear =
+ (image->format & PNG_FORMAT_FLAG_LINEAR) != 0;
+ if (ihdr_bit_depth == 16 && !requested_linear)
+ return png_image_error(image,
+ "png_image_finish_read: "
+ "16-bit PNG must use 16-bit output format");
+ if (ihdr_bit_depth < 16 && requested_linear)
+ return png_image_error(image,
+ "png_image_finish_read: "
+ "8-bit PNG must not use 16-bit output format");
+
memset(&display, 0, (sizeof display));
display.image = image;
display.buffer = buffer;

130
SOURCES/libpng-1.6-CVE-2025-65018_p2of2.patch
View File

@ -1,130 +0,0 @@
diff --git a/pngread.c b/pngread.c
index 92571ec335..79917daaaf 100644
--- a/pngread.c
+++ b/pngread.c
@@ -3129,6 +3129,54 @@ png_image_read_colormapped(png_voidp argument)
}
}
+/* Row reading for interlaced 16-to-8 bit depth conversion with local buffer. */
+static int
+png_image_read_direct_scaled(png_voidp argument)
+{
+ png_image_read_control *display = png_voidcast(png_image_read_control*,
+ argument);
+ png_imagep image = display->image;
+ png_structrp png_ptr = image->opaque->png_ptr;
+ png_bytep local_row = png_voidcast(png_bytep, display->local_row);
+ png_bytep first_row = png_voidcast(png_bytep, display->first_row);
+ ptrdiff_t row_bytes = display->row_bytes;
+ int passes;
+
+ /* Handle interlacing. */
+ switch (png_ptr->interlaced)
+ {
+ case PNG_INTERLACE_NONE:
+ passes = 1;
+ break;
+
+ case PNG_INTERLACE_ADAM7:
+ passes = PNG_INTERLACE_ADAM7_PASSES;
+ break;
+
+ default:
+ png_error(png_ptr, "unknown interlace type");
+ }
+
+ /* Read each pass using local_row as intermediate buffer. */
+ while (--passes >= 0)
+ {
+ png_uint_32 y = image->height;
+ png_bytep output_row = first_row;
+
+ for (; y > 0; --y)
+ {
+ /* Read into local_row (gets transformed 8-bit data). */
+ png_read_row(png_ptr, local_row, NULL);
+
+ /* Copy from local_row to user buffer. */
+ memcpy(output_row, local_row, (size_t)row_bytes);
+ output_row += row_bytes;
+ }
+ }
+
+ return 1;
+}
+
/* Just the row reading part of png_image_read. */
static int
png_image_read_composite(png_voidp argument)
@@ -3547,6 +3595,7 @@ png_image_read_direct(png_voidp argument)
int linear = (format & PNG_FORMAT_FLAG_LINEAR) != 0;
int do_local_compose = 0;
int do_local_background = 0; /* to avoid double gamma correction bug */
+ int do_local_scale = 0; /* for interlaced 16-to-8 bit conversion */
int passes = 0;
/* Add transforms to ensure the correct output format is produced then check
@@ -3680,8 +3729,16 @@ png_image_read_direct(png_voidp argument)
png_set_expand_16(png_ptr);
else /* 8-bit output */
+ {
png_set_scale_16(png_ptr);
+ /* For interlaced images, use local_row buffer to avoid overflow
+ * in png_combine_row() which writes using IHDR bit-depth.
+ */
+ if (png_ptr->interlaced != 0)
+ do_local_scale = 1;
+ }
+
change &= ~PNG_FORMAT_FLAG_LINEAR;
}
@@ -3957,6 +4014,24 @@ png_image_read_direct(png_voidp argument)
return result;
}
+ else if (do_local_scale != 0)
+ {
+ /* For interlaced 16-to-8 conversion, use an intermediate row buffer
+ * to avoid buffer overflows in png_combine_row. The local_row is sized
+ * for the transformed (8-bit) output, preventing the overflow that would
+ * occur if png_combine_row wrote 16-bit data directly to the user buffer.
+ */
+ int result;
+ png_voidp row = png_malloc(png_ptr, png_get_rowbytes(png_ptr, info_ptr));
+
+ display->local_row = row;
+ result = png_safe_execute(image, png_image_read_direct_scaled, display);
+ display->local_row = NULL;
+ png_free(png_ptr, row);
+
+ return result;
+ }
+
else
{
png_alloc_size_t row_bytes = (png_alloc_size_t)display->row_bytes;
@@ -4040,20 +4115,6 @@ png_image_finish_read(png_imagep image, png_const_colorp background,
int result;
png_image_read_control display;
- /* Reject bit depth mismatches to avoid buffer overflows. */
- png_uint_32 ihdr_bit_depth =
- image->opaque->png_ptr->bit_depth;
- int requested_linear =
- (image->format & PNG_FORMAT_FLAG_LINEAR) != 0;
- if (ihdr_bit_depth == 16 && !requested_linear)
- return png_image_error(image,
- "png_image_finish_read: "
- "16-bit PNG must use 16-bit output format");
- if (ihdr_bit_depth < 16 && requested_linear)
- return png_image_error(image,
- "png_image_finish_read: "
- "8-bit PNG must not use 16-bit output format");
-
memset(&display, 0, (sizeof display));
display.image = image;
display.buffer = buffer;

21
SOURCES/libpng-1.6-CVE-2025-66293_p1of2.patch
View File

@ -1,21 +0,0 @@
diff --git a/pngread.c b/pngread.c
index 79917daaaf..ab62edd9d8 100644
--- a/pngread.c
+++ b/pngread.c
@@ -3273,9 +3273,14 @@ png_image_read_composite(png_voidp argument)
component += (255-alpha)*png_sRGB_table[outrow[c]];
/* So 'component' is scaled by 255*65535 and is
- * therefore appropriate for the sRGB to linear
- * conversion table.
+ * therefore appropriate for the sRGB-to-linear
+ * conversion table. Clamp to the valid range
+ * as a defensive measure against an internal
+ * libpng bug where the data is sRGB rather than
+ * linear premultiplied.
*/
+ if (component > 255*65535)
+ component = 255*65535;
component = PNG_sRGB_FROM_LINEAR(component);
}

88
SOURCES/libpng-1.6-CVE-2025-66293_p2of2.patch
View File

@ -1,88 +0,0 @@
diff --git a/pngread.c b/pngread.c
index ab62edd9d8..f8ca2b7e31 100644
--- a/pngread.c
+++ b/pngread.c
@@ -3207,6 +3207,7 @@ png_image_read_composite(png_voidp argument)
ptrdiff_t step_row = display->row_bytes;
unsigned int channels =
(image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1;
+ int optimize_alpha = (png_ptr->flags & PNG_FLAG_OPTIMIZE_ALPHA) != 0;
int pass;
for (pass = 0; pass < passes; ++pass)
@@ -3263,25 +3264,44 @@ png_image_read_composite(png_voidp argument)
if (alpha < 255) /* else just use component */
{
- /* This is PNG_OPTIMIZED_ALPHA, the component value
- * is a linear 8-bit value. Combine this with the
- * current outrow[c] value which is sRGB encoded.
- * Arithmetic here is 16-bits to preserve the output
- * values correctly.
- */
- component *= 257*255; /* =65535 */
- component += (255-alpha)*png_sRGB_table[outrow[c]];
-
- /* So 'component' is scaled by 255*65535 and is
- * therefore appropriate for the sRGB-to-linear
- * conversion table. Clamp to the valid range
- * as a defensive measure against an internal
- * libpng bug where the data is sRGB rather than
- * linear premultiplied.
- */
- if (component > 255*65535)
- component = 255*65535;
- component = PNG_sRGB_FROM_LINEAR(component);
+ if (optimize_alpha != 0)
+ {
+ /* This is PNG_OPTIMIZED_ALPHA, the component value
+ * is a linear 8-bit value. Combine this with the
+ * current outrow[c] value which is sRGB encoded.
+ * Arithmetic here is 16-bits to preserve the output
+ * values correctly.
+ */
+ component *= 257*255; /* =65535 */
+ component += (255-alpha)*png_sRGB_table[outrow[c]];
+
+ /* Clamp to the valid range to defend against
+ * unforeseen cases where the data might be sRGB
+ * instead of linear premultiplied.
+ * (Belt-and-suspenders for GitHub Issue #764.)
+ */
+ if (component > 255*65535)
+ component = 255*65535;
+
+ /* So 'component' is scaled by 255*65535 and is
+ * therefore appropriate for the sRGB-to-linear
+ * conversion table.
+ */
+ component = PNG_sRGB_FROM_LINEAR(component);
+ }
+ else
+ {
+ /* Compositing was already done on the palette
+ * entries. The data is sRGB premultiplied on black.
+ * Composite with the background in sRGB space.
+ * This is not gamma-correct, but matches what was
+ * done to the palette.
+ */
+ png_uint_32 background = outrow[c];
+ component += ((255-alpha) * background + 127) / 255;
+ if (component > 255)
+ component = 255;
+ }
}
outrow[c] = (png_byte)component;
diff --git a/pngrtran.c b/pngrtran.c
index 2f52022551..507d11381e 100644
--- a/pngrtran.c
+++ b/pngrtran.c
@@ -1843,6 +1843,7 @@ png_init_read_transformations(png_structrp png_ptr)
* transformations elsewhere.
*/
png_ptr->transformations &= ~(PNG_COMPOSE | PNG_GAMMA);
+ png_ptr->flags &= ~PNG_FLAG_OPTIMIZE_ALPHA;
} /* color_type == PNG_COLOR_TYPE_PALETTE */
/* if (png_ptr->background_gamma_type!=PNG_BACKGROUND_GAMMA_UNKNOWN) */

34
SOURCES/libpng-CVE-2018-13785.patch
View File

@ -1,34 +0,0 @@
From 9821583a771bfe2c75b7449d8ff83cb348291b3f Mon Sep 17 00:00:00 2001
From: Cosmin Truta <ctruta@gmail.com>
Date: Sun, 17 Jun 2018 22:56:29 -0400
Subject: [PATCH] Fix the calculation of row_factor in png_check_chunk_length
(Bug report by Thuan Pham, SourceForge issue #278)
---
pngrutil.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/pngrutil.c b/pngrutil.c
index 8692933..eab2973 100644
--- a/pngrutil.c
+++ b/pngrutil.c
@@ -3149,10 +3149,13 @@ png_check_chunk_length(png_const_structrp png_ptr, const png_uint_32 length)
{
png_alloc_size_t idat_limit = PNG_UINT_31_MAX;
size_t row_factor =
- (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1)
- + 1 + (png_ptr->interlaced? 6: 0));
+ (size_t)png_ptr->width
+ * (size_t)png_ptr->channels
+ * (png_ptr->bit_depth > 8? 2: 1)
+ + 1
+ + (png_ptr->interlaced? 6: 0);
if (png_ptr->height > PNG_UINT_32_MAX/row_factor)
- idat_limit=PNG_UINT_31_MAX;
+ idat_limit = PNG_UINT_31_MAX;
else
idat_limit = png_ptr->height * row_factor;
row_factor = row_factor > 32566? 32566 : row_factor;
--
2.17.1

12
SOURCES/libpng-coverity.patch
View File

@ -1,12 +0,0 @@
diff --git a/libpng-config.in b/libpng-config.in
index 3739eb9..7f6b2cc 100644
--- a/libpng-config.in
+++ b/libpng-config.in
@@ -13,7 +13,6 @@
version=`pkg-config --modversion libpng`
prefix=`pkg-config --variable prefix libpng`
-exec_prefix=`pkg-config --variable exec_prefix libpng`
libdir=`pkg-config --variable libdir libpng`
includedir=`pkg-config --variable includedir libpng`
libs="-lpng@PNGLIB_MAJOR@@PNGLIB_MINOR@"

119
SPECS/libpng.spec
View File

@ -1,36 +1,22 @@
%bcond_without check
Summary: A library of functions for manipulating PNG image format files
Name: libpng
Epoch: 2
Version: 1.6.34
Release: 9%{?dist}
Version: 1.6.37
Release: 12%{?dist}
License: zlib
Group: System Environment/Libraries
URL: http://www.libpng.org/pub/png/
# Note: non-current tarballs get moved to the history/ subdirectory,
# so look there if you fail to retrieve the version you want
Source0: https://ftp-osl.osuosl.org/pub/libpng/src/libpng16/libpng-%{version}.tar.xz
Source0: https://github.com/glennrp/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
Source1: pngusr.dfa
Patch0: libpng-multilib.patch
Patch1: libpng-fix-arm-neon.patch
Patch2: libpng-CVE-2018-13785.patch
Patch3: libpng-coverity.patch
# from upstream, for <1.6.51, RHEL-131422
# https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643
Patch4: libpng-1.6-CVE-2025-64720.patch
# from upstream, for <1.6.51, RHEL-131435
# https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d
Patch5: libpng-1.6-CVE-2025-65018_p1of2.patch
# https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea
Patch6: libpng-1.6-CVE-2025-65018_p2of2.patch
# from upstream, for <1.6.52, RHEL-133212
# https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1
Patch7: libpng-1.6-CVE-2025-66293_p1of2.patch
# https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a
Patch8: libpng-1.6-CVE-2025-66293_p2of2.patch
BuildRequires: gcc
BuildRequires: zlib-devel
BuildRequires: autoconf automake libtool
BuildRequires: make
%description
The libpng package contains a library of functions for creating and
@ -44,9 +30,8 @@ files.
%package devel
Summary: Development tools for programs to manipulate PNG image format files
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
Requires: zlib-devel%{?_isa} pkgconfig%{?_isa}
Requires: zlib-devel%{?_isa} pkgconfig
%description devel
The libpng-devel package contains header files and documentation necessary
@ -58,7 +43,6 @@ the libpng package.
%package static
Summary: Static PNG image format file library
Group: Development/Libraries
Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release}
%description static
@ -68,7 +52,6 @@ necessary for some boot packages.
%package tools
Summary: Tools for PNG image format file library
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
%description tools
@ -79,30 +62,22 @@ The libpng-tools package contains tools used by the authors of libpng.
# Provide pngusr.dfa for build.
cp -p %{SOURCE1} .
%patch -P 0 -p1
%patch -P 1 -p1 -b .arm
%patch -P 2 -p1 -b .CVE-2018-13785
%patch -P 3 -p1 -b .coverity
%patch -P 4 -p1 -b .CVE-2025-64720
%patch -P 5 -p1 -b .CVE-2025-65018_p1of2
%patch -P 6 -p1 -b .CVE-2025-65018_p2of2
%patch -P 7 -p1 -b .CVE-2025-66293_p1of2
%patch -P 8 -p1 -b .CVE-2025-66293_p2of2
%patch0 -p1
%patch1 -p1 -b .arm
%build
autoreconf -vif
%configure
make %{?_smp_mflags} DFA_XTRA=pngusr.dfa
%make_build DFA_XTRA=pngusr.dfa
%install
make DESTDIR=$RPM_BUILD_ROOT install
%make_install
# We don't ship .la files.
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
%if 0%{?with_check}
%check
#to run make check use "--with check"
%if %{?_with_check:1}%{!?_with_check:0}
make check
%endif
@ -129,25 +104,65 @@ make check
%{_bindir}/pngfix
%changelog
* Tue Dec 16 2025 Michal Hlavinka <mhlavink@redhat.com> - 2:1.6.34-9
- CVE-2025-64720: buffer overflow (RHEL-131452)
- CVE-2025-65018: heap buffer overflow (RHEL-131465)
- CVE-2025-66293: out-of-bounds read in png_image_read_composite (RHEL-133226)
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2:1.6.37-12
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Thu Nov 28 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.34-8
- Remove redundant fix for CVE-2017-12652
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:1.6.37-11
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Nov 26 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.34-7
- Add upstream test suite and enable it in gating
* Wed Mar 24 2021 Nikola Forró <nforro@redhat.com> - 2:1.6.37-10
- Remove the aarch64 test workaround, the patches causing the failures
have been dropped in zlib-1.2.11-25
* Fri Nov 22 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.34-6
- Fix CVE-2017-12652 (#1744871)
* Thu Feb 11 2021 Nikola Forró <nforro@redhat.com> - 2:1.6.37-9
- Run %check by default
* Mon Oct 15 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-5
- Fix important Covscan defects (#1602588)
* Fri Feb 05 2021 Nikola Forró <nforro@redhat.com> - 2:1.6.37-8
- Use proper pngtest.png reference image on aarch64
* Wed Aug 01 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-4
- Fix CVE-2018-13785 (#1599952)
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Nov 02 2020 Nikola Forró <nforro@redhat.com> - 2:1.6.37-6
- Remove libpng-devel dependency on arch-specific pkgconfig (#1893523)
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 2:1.6.37-4
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed May 22 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.37-1
- New upstream release 1.6.37
* Wed Feb 27 2019 Debarshi Ray <rishi@fedoraproject.org> - 2:1.6.36-1
- New upstream release 1.6.36
* Fri Feb 08 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.35-3
- Fix CVE-2019-7317 (#1672411)
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.35-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 10 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.35-1
- New upstream release 1.6.35 (#1552349)
* Wed Aug 01 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-6
- Fix CVE-2018-13785 (#1599944)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.34-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Feb 20 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-4
- Add missing gcc build dependency
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.34-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild