PNG PNG!
2029 Headline: Worlds largest data breach caused by zero day exploit in popular PNG 3.0 renderer
the payload was reportedly embedded in an animated image of the attacker repeatedly flicking his left testicle
Ouch
I bet it was a single flick and he ran it on a loop.
Animated PNG has been trying to be an extension to the PNG spec for 20+ years.
Right there's actually like a select few applications that support it which is cool, but so many get confused when they see an apng file with frames.
Jxl train choo choo
Now if anyone don't mind explaining, PNG vs JXL?
JXL is badly supported but it does offer lossless encoding in a more flexible and much more efficient way than png doe
Basically jxl could theoretically replace png, jpg, and also exr.
Interestingly, I downloaded GNOME's pride month wallpaper to see what it looked like, and the files were JXL. Never seen them in the wild before that
But is it backwards compatible with an old version that can't be updated?
Speaking for animation, your browser probably already supports APNG. APNG is 21 years old and has decent adoption. But it’s officially part of the club.
That said, APNGs are fat as fuck and they’re a pretty old solution to animated graphics with an alpha channel. Don’t expect to see everyone making APNGs all of the sudden. There is a reason why people have kept it at a distance.
The PNG format is made of chunks that have determined roles, and provides provisions for newer "standardized" chunks alongside the custom chunks it had supported until now. It is likely that PNG made with newer software that does not use new features, or uses only additional features, will remain readable by older software to some extent.
Yeah, this was my first thought. How many slightly older, no-longer-being-updated pieces of software will fail to open the new version? Hopefully it’s built in a way that it just falls back to legacy and ignores the extra information so you can at least load the file.
Popular photo and video editing apps like Photoshop, DaVinci Resolve, and Avid Media Composer already support it, alongside Chrome, Safari, and Firefox. Apple’s iOS and macOS also work with the new file standard.
This is all the article mentions. I hope you’re right about the backwards compatibility.
I remember the Wild West Web days when it was a toss up seeing if animated Gifs, transparencies in images, or the specific hexadecimal for your personal shade of purple you created would render properly between browsers.
Ooh, that was the coaster company, I remember them.
I mean, that's already how animated .gifs work. If somehow you manage to load one into a viewer that doesn't support the animation functionality it will at least dutifully display the first frame.
How the hell you would manage to do that in this day and age escapes me, but there were a fair few years in the early '90s where you might run into that sort of thing.
I'm probably gonna be massively downvoted for saying the forbidden word but I asked AI to do a summary with references of the forward and backward compatibility of PNG's new version:
!
Based on recent search results, the new PNG specification (Third Edition) and its reference library (libpng) maintain strong backward compatibility while introducing modern features. Here's a detailed compatibility analysis:
png_struct/png_info internals since 1.5.0) ensures older apps using png_get_*/png_set_* functions remain compatible. Direct struct access, deprecated since 1.4.x, may break in libpng 2.0.x (C99-only) .png_image_free()) were patched in libpng 1.6.37+, making the new lib safer for decoding old files .IHDR or IDAT remain unchanged .mDCv chunk. Older libs ignore HDR data, falling back to SDR, which may cause color inaccuracies .eXIf chunks are ignored by legacy decoders, losing metadata like GPS or copyright info .| Scenario | Compatibility | Key Considerations |
|---|---|---|
| Old PNG → New Lib | ✅ Excellent | Legacy files work flawlessly; security improved. |
| New PNG → Old Lib | ⚠️ Partial | Basic rendering works, but HDR/APNG/EXIF ignored. Security risks in unpatched versions. |
| New Features | 🔧 Conditional | Requires updated apps (e.g., Photoshop, browsers) and OS support . |
For developers: Use png_get_valid(png_ptr, info_ptr, PNG_INFO_mDCv) to check HDR support and provide fallbacks .
!<
I could have sworn animated pngs were a thing in the Macromedia Fireworks days. Really dating myself with that ref.
There were two different animated PNG extensions, MNG and APNG. Neither of them ever really caught on. I guess they're hoping to do better by baking it into the core spec.
Fracturing support for a legacy format makes so much more sense than actually supporting a modern format like JXL, right?
This is a most excellent place for technology news and articles.
