libpng 1.6.47 - February 18, 2025
=================================

This is a public release of libpng, intended for use in production code.


Files available for download
----------------------------

Source files with LF line endings (for Unix/Linux):

 * libpng-1.6.47.tar.xz (LZMA-compressed, recommended)
 * libpng-1.6.47.tar.gz (deflate-compressed)

Source files with CRLF line endings (for Windows):

 * lpng1647.7z (LZMA-compressed, recommended)
 * lpng1647.zip (deflate-compressed)

Other information:

 * README.md
 * LICENSE.md
 * AUTHORS.md
 * TRADEMARK.md


Changes from version 1.6.46 to version 1.6.47
---------------------------------------------

 * Modified the behaviour of colorspace chunks in order to adhere
   to the new precedence rules formulated in the latest draft of
   the PNG Specification.
   (Contributed by John Bowler)
 * Fixed a latent bug in `png_write_iCCP`.
   This would have been a read-beyond-end-of-malloc vulnerability,
   introduced early in the libpng-1.6.0 development, yet (fortunately!)
   it was inaccessible before the above-mentioned modification of the
   colorspace precedence rules, due to pre-existing colorspace checks.
   (Reported by Bob Friesenhahn; fixed by John Bowler)


Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
Subscription is required; visit
https://lists.sourceforge.net/lists/listinfo/png-mng-implement
to subscribe.