libpng to 1.6.19, CVE-2015-8126

Ryan Schmidt ryandesign at
Sat Nov 14 16:03:09 PST 2015

On Nov 14, 2015, at 17:40, Clemens Lang wrote:
> Ryan,
> since we don't have change emails at the moment, just a heads up that I have ignored
> your maintainership of libpng and committed an update to 1.6.19 released three days
> ago to fix CVE-2015-8126, scored 7.5.
> I consider this justified according to section 7.3.1 of the guide [1], second
> paragraph, third bullet point: "A critical port is broken that affects many users."
> Let me know if you object to the change.

Not a problem! On the contrary, thanks for updating it. 

More information about the macports-dev mailing list