libpng-1.6.16 has been released to fix two potential overflows while reading very wide images.
libpng-1.6.14 has been released. This is mostly a code cleanup, with a minor bugfix to the iTXt chunk handler.
libpng-1.6.13 and libpng-1.5.19 have been released. These are simple code-cleanup releases without any security issues or new features.
libpng-1.6.12 has been released to relocate an out-of-order statement introduced in libpng-1.6.11.
libpng-1.6.10 avoids an infinite loop while reading a datastream whose first IDAT chunk is of zero-length. This fixes CERT VU#684412 and CVE-2014-0333.
libpng-1.6.9 is a simple cleanup release.
Libpng-1.6.8 has been released. This fixes a potential NULL pointer dereference and is otherwise a simple cleanup release.
Libpng-1.6.7 adds ARMv8 support and improves/simplifies the unknown chunk handling, and has been made compatible with automake-1.14.
libpng-1.6.5 did not correct the error it was supposed to fix (two stray lines in arm/arm_init.c). The bad lines are removed from 1.6.6.
libpng-1.6.5 has been released, to remove two stray lines in arm/arm_init.c that caused libpng to fail to compile when ARM support is enabled.
libpng-1.6.4 has been released. It has some minor speed and footprint optimizations.
libpng-1.6.3 has been released. It has improved support for ARM platforms.
libpng-1.5.17 has been released. There are minor changes, mainly in the ARM support.
libpng public releases 1.2.50, 1.4.12, 1.5.16, and 1.6.2 now have PGP signatures signed by Glenn Randers-Pehrson. In the frs they are in libpngNN/libpng.x.y.z/Gnupg, and in the GIT repository there are signed tags libpng-1.2.50-signed, libpng-1.4.12-signed, libpng-1.5.16-signed, and libpng-1.6.2-signed. Future public releases (but not beta releases or intermediate GIT checkins) will be similarly signed. To verify a release you have downloaded, follow the instructions in Gnupg/libpng-x.y.z-gnupg-README.txt
libpng-1.6.2 fixes a bug in which libpng-1.6.0 and 1.6.1 would write uncompressed iTXt chunks with the wrong length. An application for fixing such PNGs is supplied in contrib/tools/fixitxt.c.
libpng-1.6.1 has been released. It is a minor cleanup release. For legacy applications, libpng-1.5.15 has also been released.
libpng-1.6.0 has been released. This version adds a "simplified API" for reading and writing PNG images.
Visit http://libpng.sf.net for details.
libpng-1.2.45 and 1.0.55 have bad Makefile.in and Makefile.am. This is fixed (by reverting to previous versions) in libpng-1.2.46rc01 and 1.0.56rc01.
libpng-1.5.4, 1.4.8, 1.2.45, and 1.0.55 have been released. These fix CVE-2011-2501 and several additional minor security problems.
libpng-1.4.7 has been released. It is supposed to be the last of the libpng14 series, unless a security vulnerability is discovered. libpng-1.4.6 was also released recently but it failed to build on some platforms.
This is a minor cleanup release.
libpng-1.5.1 has been released. It fixes the bug with png_rgb_to_gray() function in libpng-1.5.0, cleans up the documentation, and adds additional testing.
A bug has been found in the png_rgb_to_gray() transform. Use of this transform can lead to incorrect results or a crash. The bug has been fixed in libpng-1.5.1beta01; we expect to release libpng-1.5.1 before the end of January. The bug does not exist in libpng-1.4.x and earlier.
Libpng-1.5.0 has been released. The png and png_info structs have been moved into separate private header files; direct access of their members by applications (long deprecated) is no longer possible. A new test program, "pngvalid" is provided.