10 changed files with 104 additions and 71 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,27 @@
-SOURCES/libpng-1.6.34.tar.xz
+/libpng-1.5.13.tar.bz2
 /libpng-1.6.2.tar.gz
 /libpng-1.6.3.tar.gz
 /libpng-1.6.6.tar.gz
 /libpng-1.6.8.tar.gz
 /libpng-1.6.10.tar.gz
 /libpng-1.6.12.tar.gz
 /libpng-1.6.14.tar.gz
 /libpng-1.6.16.tar.gz
 /libpng-1.6.17.tar.gz
 /libpng-1.6.18.tar.gz
 /libpng-1.6.19.tar.gz
 /libpng-1.6.20.tar.gz
 /libpng-1.6.21.tar.gz
 /libpng-1.6.22.tar.gz
 /libpng-1.6.23.tar.gz
 /libpng-1.6.24.tar.gz
 /libpng-1.6.25.tar.gz
 /libpng-1.6.26.tar.gz
 /libpng-1.6.27.tar.gz
 /libpng-1.6.28.tar.gz
 /libpng-1.6.29.tar.xz
 /libpng-1.6.31.tar.xz
 /libpng-1.6.34.tar.xz
 /libpng-1.6.35.tar.gz
 /libpng-1.6.36.tar.gz
 /libpng-1.6.37.tar.gz
--- a/.libpng.metadata
+++ b/.libpng.metadata
@ -1 +0,0 @@
 45de4ec996ffcc3e18037e7c128abe95f4d0292a SOURCES/libpng-1.6.34.tar.xz
--- a/SOURCES/libpng-CVE-2018-13785.patch
+++ b/SOURCES/libpng-CVE-2018-13785.patch
@ -1,34 +0,0 @@
 From 9821583a771bfe2c75b7449d8ff83cb348291b3f Mon Sep 17 00:00:00 2001
 From: Cosmin Truta <ctruta@gmail.com>
 Date: Sun, 17 Jun 2018 22:56:29 -0400
 Subject: [PATCH] Fix the calculation of row_factor in png_check_chunk_length
 (Bug report by Thuan Pham, SourceForge issue #278)
 ---
 pngrutil.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
 diff --git a/pngrutil.c b/pngrutil.c
 index 8692933..eab2973 100644
 --- a/pngrutil.c
 +++ b/pngrutil.c
@@ -3149,10 +3149,13 @@ png_check_chunk_length(png_const_structrp png_ptr, const png_uint_32 length)
    {
       png_alloc_size_t idat_limit = PNG_UINT_31_MAX;
       size_t row_factor =
 -         (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1)
 -          + 1 + (png_ptr->interlaced? 6: 0));
 +         (size_t)png_ptr->width
 +         * (size_t)png_ptr->channels
 +         * (png_ptr->bit_depth > 8? 2: 1)
 +         + 1
 +         + (png_ptr->interlaced? 6: 0);
       if (png_ptr->height > PNG_UINT_32_MAX/row_factor)
 -         idat_limit=PNG_UINT_31_MAX;
 +         idat_limit = PNG_UINT_31_MAX;
       else
          idat_limit = png_ptr->height * row_factor;
       row_factor = row_factor > 32566? 32566 : row_factor;
 -- 
 2.17.1
--- a/SOURCES/libpng-coverity.patch
+++ b/SOURCES/libpng-coverity.patch
@ -1,12 +0,0 @@
 diff --git a/libpng-config.in b/libpng-config.in
 index 3739eb9..7f6b2cc 100644
 --- a/libpng-config.in
 +++ b/libpng-config.in
@@ -13,7 +13,6 @@
 version=`pkg-config --modversion libpng`
 prefix=`pkg-config --variable prefix libpng`
 -exec_prefix=`pkg-config --variable exec_prefix libpng`
 libdir=`pkg-config --variable libdir libpng`
 includedir=`pkg-config --variable includedir libpng`
 libs="-lpng@PNGLIB_MAJOR@@PNGLIB_MINOR@"
--- a/gating.yaml
+++ b/gating.yaml
@ -0,0 +1,7 @@
 --- !Policy
 product_versions:
  - rhel-9
 decision_context: osci_compose_gate
 rules:
  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
--- a/SOURCES/libpng-fix-arm-neon.patch
+++ b/SOURCES/libpng-fix-arm-neon.patch
--- a/SOURCES/libpng-multilib.patch
+++ b/SOURCES/libpng-multilib.patch
--- a/SPECS/libpng.spec
+++ b/SPECS/libpng.spec
@ -1,24 +1,22 @@
 %bcond_without check
 Summary:       A library of functions for manipulating PNG image format files
 Name:          libpng
 Epoch:         2
-Version:       1.6.34
+Version:       1.6.37
-Release:       5%{?dist}
+Release:       12%{?dist}
 License:       zlib
 Group:         System Environment/Libraries
 URL:           http://www.libpng.org/pub/png/
-# Note: non-current tarballs get moved to the history/ subdirectory,
+Source0:       https://github.com/glennrp/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
 # so look there if you fail to retrieve the version you want
 Source0:       https://ftp-osl.osuosl.org/pub/libpng/src/libpng16/libpng-%{version}.tar.xz
 Source1:       pngusr.dfa
 Patch0:        libpng-multilib.patch
 Patch1:        libpng-fix-arm-neon.patch
 Patch2:        libpng-CVE-2018-13785.patch
 Patch3:        libpng-coverity.patch
 BuildRequires: gcc
 BuildRequires: zlib-devel
 BuildRequires: autoconf automake libtool
 BuildRequires: make
 %description
 The libpng package contains a library of functions for creating and
@ -32,9 +30,8 @@ files.
 %package devel
 Summary:       Development tools for programs to manipulate PNG image format files
 Group:         Development/Libraries
 Requires:      %{name}%{?_isa} = %{epoch}:%{version}-%{release}
-Requires:      zlib-devel%{?_isa} pkgconfig%{?_isa}
+Requires:      zlib-devel%{?_isa} pkgconfig
 %description devel
 The libpng-devel package contains header files and documentation necessary
@ -46,7 +43,6 @@ the libpng package.
 %package static
 Summary:       Static PNG image format file library
 Group:         Development/Libraries
 Requires:      %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release}
 %description static
@ -56,7 +52,6 @@ necessary for some boot packages.
 %package tools
 Summary:       Tools for PNG image format file library
 Group:         Development/Libraries
 Requires:      %{name}%{?_isa} = %{epoch}:%{version}-%{release}
 %description tools
@ -69,23 +64,20 @@ cp -p %{SOURCE1} .
 %patch0 -p1
 %patch1 -p1 -b .arm
 %patch2 -p1 -b .CVE-2018-13785
 %patch3 -p1 -b .coverity
 %build
 autoreconf -vif
 %configure
-make %{?_smp_mflags} DFA_XTRA=pngusr.dfa
+%make_build DFA_XTRA=pngusr.dfa
 %install
-make DESTDIR=$RPM_BUILD_ROOT install
+%make_install
 # We don't ship .la files.
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 %if 0%{?with_check}
 %check
 #to run make check use "--with check"
 %if %{?_with_check:1}%{!?_with_check:0}
 make check
 %endif
@ -112,11 +104,65 @@ make check
 %{_bindir}/pngfix
 %changelog
-* Mon Oct 15 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-5
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2:1.6.37-12
- Fix important Covscan defects (#1602588)
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  Related: rhbz#1991688
-* Wed Aug 01 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-4
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:1.6.37-11
- Fix CVE-2018-13785 (#1599952)
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 * Wed Mar 24 2021 Nikola Forró <nforro@redhat.com> - 2:1.6.37-10
 - Remove the aarch64 test workaround, the patches causing the failures
  have been dropped in zlib-1.2.11-25
 * Thu Feb 11 2021 Nikola Forró <nforro@redhat.com> - 2:1.6.37-9
 - Run %check by default
 * Fri Feb 05 2021 Nikola Forró <nforro@redhat.com> - 2:1.6.37-8
 - Use proper pngtest.png reference image on aarch64
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Mon Nov 02 2020 Nikola Forró <nforro@redhat.com> - 2:1.6.37-6
 - Remove libpng-devel dependency on arch-specific pkgconfig (#1893523)
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 2:1.6.37-4
 - Use make macros
 - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.37-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Wed May 22 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.37-1
 - New upstream release 1.6.37
 * Wed Feb 27 2019 Debarshi Ray <rishi@fedoraproject.org> - 2:1.6.36-1
 - New upstream release 1.6.36
 * Fri Feb 08 2019 Nikola Forró <nforro@redhat.com> - 2:1.6.35-3
 - Fix CVE-2019-7317 (#1672411)
 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.35-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Wed Oct 10 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.35-1
 - New upstream release 1.6.35 (#1552349)
 * Wed Aug 01 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-6
 - Fix CVE-2018-13785 (#1599944)
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.34-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Tue Feb 20 2018 Nikola Forró <nforro@redhat.com> - 2:1.6.34-4
 - Add missing gcc build dependency
 * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:1.6.34-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--- a/SOURCES/pngusr.dfa
+++ b/SOURCES/pngusr.dfa
--- a/1
+++ b/1
@ -0,0 +1 @@
 SHA512 (libpng-1.6.37.tar.gz) = ccb3705c23b2724e86d072e2ac8cfc380f41fadfd6977a248d588a8ad57b6abe0e4155e525243011f245e98d9b7afbe2e8cc7fd4ff7d82fcefb40c0f48f88918
		`@ -1 +0,0 @@`
			`45de4ec996ffcc3e18037e7c128abe95f4d0292a SOURCES/libpng-1.6.34.tar.xz`
		`@ -0,0 +1 @@`
							`SHA512 (libpng-1.6.37.tar.gz) = ccb3705c23b2724e86d072e2ac8cfc380f41fadfd6977a248d588a8ad57b6abe0e4155e525243011f245e98d9b7afbe2e8cc7fd4ff7d82fcefb40c0f48f88918`