libpng to 1.6.19, CVE-2015-8126

Clemens Lang cal at
Sat Nov 14 15:40:31 PST 2015


since we don't have change emails at the moment, just a heads up that I have ignored
your maintainership of libpng and committed an update to 1.6.19 released three days
ago to fix CVE-2015-8126, scored 7.5.

I consider this justified according to section 7.3.1 of the guide [1], second
paragraph, third bullet point: "A critical port is broken that affects many users."

Let me know if you object to the change.


Clemens Lang

More information about the macports-dev mailing list