libpng to 1.6.19, CVE-2015-8126
Clemens Lang
cal at macports.org
Sat Nov 14 15:40:31 PST 2015
Ryan,
since we don't have change emails at the moment, just a heads up that I have ignored
your maintainership of libpng and committed an update to 1.6.19 released three days
ago to fix CVE-2015-8126, scored 7.5.
I consider this justified according to section 7.3.1 of the guide [1], second
paragraph, third bullet point: "A critical port is broken that affects many users."
Let me know if you object to the change.
[1] https://guide.macports.org/#project.update-policies.nonmaintainer
--
Clemens Lang
More information about the macports-dev
mailing list