[Bug 1886858] New: Review Request: pngcheck - Verifies the integrity of PNG, JNG and MNG files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=1886858

            Bug ID: 1886858
           Summary: Review Request: pngcheck - Verifies the integrity of
                    PNG, JNG and MNG files
           Product: Fedora
           Version: rawhide
          Hardware: All
                OS: Linux
            Status: NEW
         Component: Package Review
          Severity: medium
          Assignee: nobody@xxxxxxxxxxxxxxxxx
          Reporter: code@xxxxxxxxxxxxxxxxxx
        QA Contact: extras-qa@xxxxxxxxxxxxxxxxx
                CC: package-review@xxxxxxxxxxxxxxxxxxxxxxx
  Target Milestone: ---
    Classification: Fedora



Spec URL:
https://gitlab.com/musicinmybrain/pngcheck-rpm/-/raw/master/pngcheck.spec
Patch URL:
https://gitlab.com/musicinmybrain/pngcheck-rpm/-/raw/master/pngcheck-2.3.0-format-security.patch
SRPM URL:
https://kojipkgs.fedoraproject.org//work/tasks/1383/53081383/pngcheck-2.3.0-1.fc34.src.rpm
Description: pngcheck verifies the integrity of PNG, JNG and MNG files (by
checking the
internal 32-bit CRCs [checksums] and decompressing the image data); it can
optionally dump almost all of the chunk-level information in the image in
human-readable form. For example, it can be used to print the basic statistics
about an image (dimensions, bit depth, etc.); to list the color and
transparency info in its palette (assuming it has one); or to extract the
embedded text annotations. This is a command-line program with batch
capabilities.

Included with pngcheck (since version 2.1.0) are two helper utilities:

  - pngsplit - break a PNG, MNG or JNG image into constituent chunks (numbered
    for easy reassembly)
  - png-fix-IDAT-windowsize - fix minor zlib-header breakage caused by libpng
    1.2.6

Fedora Account System Username: music

Koji build for Fedora 34:
https://koji.fedoraproject.org/koji/taskinfo?taskID=53081365
Koji build for Fedora 33:
https://koji.fedoraproject.org/koji/taskinfo?taskID=53081635
Koji build for Fedora 32:
https://koji.fedoraproject.org/koji/taskinfo?taskID=53081851
Koji build for EPEL8:
https://koji.fedoraproject.org/koji/taskinfo?taskID=53081964
Koji build for EPEL7:
https://koji.fedoraproject.org/koji/taskinfo?taskID=53082044

Note that pngcheck itself is under a minimal MIT license, while the helper
utilities, packaged in -extras, are GPLv2+. The (sub)package licenses reflect
this.

Upstream is not very active. There is no bug tracker, and the last release was
13 years ago. The utility itself nevertheless remains useful.

A small patch is used to allow the program to build without disabling
-Werror=format-security. This patch, and a separate file containing the MIT
license text, would generally be good suggestions to push back upstream;
however, given the lack of upstream activity, it does seem unlikely that a new
release would be made merely to accommodate Fedora’s preferences.

----

This is my second package for Fedora. I am seeking sponsorship into the
packager group; see my first approved package,
https://bugzilla.redhat.com/show_bug.cgi?id=1885684, for details.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux