LMS-Community / slimserver-vendor

Third-party software used with Lyrion Music Server
https://lyrion.org

(Image::Scale): Upgrade libpng and libjpeg-turbo. #70

Closed fsbruva closed 5 years ago

fsbruva commented 5 years ago

In order to address several vulnerabilities in libpng, upgrade from 1.4.3 to 1.6.36. Also, use built-in pngusr.dfa methods to disable unneeded features.

Upgrade libjpeg-turbo from 1.1.1 to 1.5.3, and use a patch to disable unneeded features (instead of using a custom jmorecfg.h file). Note: Upgrading beyond 1.5.3 will require CMake as a new dependency.

Fixes for libpng: CVE-2011-2501, CVE-2011-2690, CVE-2011-2691, CVE-2011-2692, CVE-2011-3048, CVE-2012-3425, CVE-2013-6954, CVE-2013-7353, CVE-2013-7354, CVE-2014-9495, CVE-2015-0973, CVE-2015-8126, CVE-2015-7981, CVE-2015-8472, CVE-2015-8540, CVE-2016-10087

Fixes for libjpeg-turbo: CVE-2013-6629, CVE-2013-6630, CVE-2014-9092

Closes #68