libpng-1.2.50.txt | 5 3 + 2 - 0 !
png.5 | 6 5 + 1 - 0 !
png.h | 8 5 + 3 - 0 !
3 files changed, 13 insertions(+), 6 deletions(-)

---

png.h | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 add a space between literal and identifier for c++11
 This seems to be fixed in upstream version 1.2.51.

scripts/libpng-config-body.in | 4 3 + 1 - 0 !
scripts/libpng-config.in | 9 6 + 3 - 0 !
2 files changed, 9 insertions(+), 4 deletions(-)

---

png.c | 7 4 + 3 - 0 !
pngset.c | 9 9 + 0 - 0 !
2 files changed, 13 insertions(+), 3 deletions(-)

 added a safety check in png_set_time()

pngrutil.c | 13 12 + 1 - 0 !
pngset.c | 11 8 + 3 - 0 !
pngwutil.c | 7 5 + 2 - 0 !
3 files changed, 25 insertions(+), 6 deletions(-)

 multiple buffer overflows in the png_set_plte and png_get_plte functions
 .
 Prevent writing over-length PLTE chunk. Silently truncate over-length
 PLTE chunk while reading
 .
 CVE-2015-8126

pngrutil.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fixed new bug with crc error after reading an over-length palette

pngrutil.c | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

 [patch] [libpng12] avoid potential pointer overflow in
 png_handle_iTXt(),

png_handle_zTXt(), png_handle_sPLT(), and png_handle_pCAL() (Bug report
by John Regehr).

pngrutil.c | 11 6 + 5 - 0 !
1 file changed, 6 insertions(+), 5 deletions(-)

 [patch] [libpng12] use unsigned constants in buffer length
 comparisons

pngset.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 [patch] [libpng12] fixed bug recently introduced in png_set_plte()
 that uses png_ptr

not info_ptr.

pngwutil.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 cve-2015-8540: underflow read in png_check_keyword()

png.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 fix cve 2016-10087