libpng 1.6.51 - November 21, 2025
=================================

This is a public release of libpng, intended for use in production code.


Files available for download
----------------------------

Source files with LF line endings (for Unix/Linux):

 * libpng-1.6.51.tar.xz (LZMA-compressed, recommended)
 * libpng-1.6.51.tar.gz (deflate-compressed)

Source files with CRLF line endings (for Windows):

 * lpng1651.7z (LZMA-compressed, recommended)
 * lpng1651.zip (deflate-compressed)

Other information:

 * README.md
 * LICENSE.md
 * AUTHORS.md
 * TRADEMARK.md


Changes from version 1.6.50 to version 1.6.51
---------------------------------------------

 * Fixed CVE-2025-64505 (moderate severity):
   Heap buffer overflow in `png_do_quantize` via malformed palette index.
   (Reported by Samsung; analyzed by Fabio Gritti.)
 * Fixed CVE-2025-64506 (moderate severity):
   Heap buffer over-read in `png_write_image_8bit` with 8-bit input and
   `convert_to_8bit` enabled.
   (Reported by Samsung and <weijinjinnihao@users.noreply.github.com>;
   analyzed by Fabio Gritti.)
 * Fixed CVE-2025-64720 (high severity):
   Buffer overflow in `png_image_read_composite` via incorrect palette
   premultiplication.
   (Reported by Samsung; analyzed by John Bowler.)
 * Fixed CVE-2025-65018 (high severity):
   Heap buffer overflow in `png_combine_row` triggered via
   `png_image_finish_read`.
   (Reported by <yosiimich@users.noreply.github.com>.)
 * Fixed a memory leak in `png_set_quantize`.
   (Reported by Samsung; analyzed by Fabio Gritti.)
 * Removed the experimental and incomplete ERROR_NUMBERS code.
   (Contributed by Tobias Stoeckmann.)
 * Improved the RISC-V vector extension support; required RVV 1.0 or newer.
   (Contributed by Filip Wasil.)
 * Added GitHub Actions workflows for automated testing.
 * Performed various refactorings and cleanups.


Send comments/corrections/commendations to png-mng-implement at lists.sf.net.
Subscription is required; visit
https://lists.sourceforge.net/lists/listinfo/png-mng-implement
to subscribe.
