https://bugzilla.redhat.com/show_bug.cgi?id=1886858 Bug ID: 1886858 Summary: Review Request: pngcheck - Verifies the integrity of PNG, JNG and MNG files Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Assignee: nobody@xxxxxxxxxxxxxxxxx Reporter: code@xxxxxxxxxxxxxxxxxx QA Contact: extras-qa@xxxxxxxxxxxxxxxxx CC: package-review@xxxxxxxxxxxxxxxxxxxxxxx Target Milestone: --- Classification: Fedora Spec URL: https://gitlab.com/musicinmybrain/pngcheck-rpm/-/raw/master/pngcheck.spec Patch URL: https://gitlab.com/musicinmybrain/pngcheck-rpm/-/raw/master/pngcheck-2.3.0-format-security.patch SRPM URL: https://kojipkgs.fedoraproject.org//work/tasks/1383/53081383/pngcheck-2.3.0-1.fc34.src.rpm Description: pngcheck verifies the integrity of PNG, JNG and MNG files (by checking the internal 32-bit CRCs [checksums] and decompressing the image data); it can optionally dump almost all of the chunk-level information in the image in human-readable form. For example, it can be used to print the basic statistics about an image (dimensions, bit depth, etc.); to list the color and transparency info in its palette (assuming it has one); or to extract the embedded text annotations. This is a command-line program with batch capabilities. Included with pngcheck (since version 2.1.0) are two helper utilities: - pngsplit - break a PNG, MNG or JNG image into constituent chunks (numbered for easy reassembly) - png-fix-IDAT-windowsize - fix minor zlib-header breakage caused by libpng 1.2.6 Fedora Account System Username: music Koji build for Fedora 34: https://koji.fedoraproject.org/koji/taskinfo?taskID=53081365 Koji build for Fedora 33: https://koji.fedoraproject.org/koji/taskinfo?taskID=53081635 Koji build for Fedora 32: https://koji.fedoraproject.org/koji/taskinfo?taskID=53081851 Koji build for EPEL8: https://koji.fedoraproject.org/koji/taskinfo?taskID=53081964 Koji build for EPEL7: https://koji.fedoraproject.org/koji/taskinfo?taskID=53082044 Note that pngcheck itself is under a minimal MIT license, while the helper utilities, packaged in -extras, are GPLv2+. The (sub)package licenses reflect this. Upstream is not very active. There is no bug tracker, and the last release was 13 years ago. The utility itself nevertheless remains useful. A small patch is used to allow the program to build without disabling -Werror=format-security. This patch, and a separate file containing the MIT license text, would generally be good suggestions to push back upstream; however, given the lack of upstream activity, it does seem unlikely that a new release would be made merely to accommodate Fedora’s preferences. ---- This is my second package for Fedora. I am seeking sponsorship into the packager group; see my first approved package, https://bugzilla.redhat.com/show_bug.cgi?id=1885684, for details. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
