Changelog for
openexr-devel-2.2.1-lp152.7.17.1.i586.rpm :
* Wed Jun 16 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function + openexr-CVE-2021-3605.patch
* Tue Jun 15 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars + openexr-CVE-2021-3598.patch
* Tue Apr 27 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-23215 [bsc#1185216], Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers fix CVE-2021-26260 [bsc#1185217], Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers + openexr-CVE-2021-23215,26260.patch
* Thu Apr 08 2021 pgajdosAATTsuse.com- security update- modified patches % openexr-CVE-2021-3474.patch (splitted into openexr-CVE-2021-20296.patch)- added patches fix CVE-2021-20296 [bsc#1184355], Segv on unknown address in Imf_2_5:hufUncompress - Null Pointer dereference + openexr-CVE-2021-20296.patch fix CVE-2021-3477 [bsc#1184353], Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts + openexr-CVE-2021-3477.patch fix CVE-2021-3479 [bsc#1184354], Out-of-memory caused by allocation of a very large buffer + openexr-CVE-2021-3479.patch
* Wed Mar 31 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3474 [bsc#1184174], Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder + openexr-CVE-2021-3474.patch fix CVE-2021-3475 [bsc#1184173], Integer-overflow in Imf_2_5::calculateNumTiles + openexr-CVE-2021-3475.patch fix CVE-2021-3476 [bsc#1184172], Undefined-shift in Imf_2_5::unpack14 + openexr-CVE-2021-3476.patch
* Wed Dec 16 2020 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-16587, CVE-2020-16588, CVE-2020-16589 [bsc#1179879], multiple memory safety issues + openexr-CVE-2020-16587.patch + openexr-CVE-2020-16588.patch + openexr-CVE-2020-16589.patch
* Wed Jul 01 2020 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-15304 [bsc#1173466], NULL pointer dereference in TiledInputFile:TiledInputFile() + openexr-CVE-2020-15304.patch fix CVE-2020-15305 [bsc#1173467], use-after-free in DeepScanLineInputFile:DeepScanLineInputFile() + openexr-CVE-2020-15305.patch fix CVE-2020-15306 [bsc#1173469], invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() + openexr-CVE-2020-15306.patch
* Wed Apr 22 2020 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-11762 [bsc#1169549], out-of-bounds read and write in DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case fix CVE-2020-11758 [bsc#1169573], out-of-bounds read in ImfOptimizedPixelReading.h. fix CVE-2020-11764 [bsc#1169574], out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp fix CVE-2020-11765 [bsc#1169575], off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier fix CVE-2020-11763 [bsc#1169576], out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp fix CVE-2020-11761 [bsc#1169578], out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp fix CVE-2020-11760 [bsc#1169580], out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp + openexr-CVE-2020-11762,11758,11764,11765,11763,11761,11760.patch
* Fri Sep 20 2019 pgajdosAATTsuse.com- testsuite only for x86_64 [bsc#1146648]
* Fri Sep 20 2019 pgajdosAATTsuse.com- on behalf of Martin Pluskal:- Enable tests on architectures with enough memory - boo#1146648
* disable imffuzztest as it takes to much resources
* Mon Jul 15 2019 pgajdosAATTsuse.com- security update- added patches CVE-2017-14988 [bsc#1061305] + openexr-CVE-2017-14988.patch
* Fri Jun 14 2019 pgajdosAATTsuse.com- security update- added patches CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 [bsc#1040115] + openexr-CVE-2017-9111,9113,9115.patch
* Wed Nov 07 2018 Petr Gajdos
- security update
* CVE-2018-18444 [bsc#1113455] + openexr-CVE-2018-18444.patch
* Tue Nov 06 2018 Petr Gajdos - asan_build: build ASAN included- debug_build: build more suitable for debugging
* Mon Jan 15 2018 avindraAATTopensuse.org- Update to 2.2.1
* Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116- pgajdosAATTsuse.com: but really seem to fix only: CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for the rest of issues see [bsc#1040109], [bsc#1040112], [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305]
* Wed Jul 12 2017 tchvatalAATTsuse.com- Cleanup a bit with spec-cleaner
* Thu Jan 29 2015 mlinAATTsuse.com- Update to 2.2.0
* DreamWorks Lossy Compression A new high quality, high performance lossy compression codec contributed by DreamWorks Animation. This codec allows control over variable lossiness to balance visual quality and file size. This contribution also includes performance improvements that speed up the PIZ codec.
* IlmImfUtil A new library intended to aid in development of image file manipulation utilities that support the many types of OpenEXR images.
* This release also includes improvements to cross-platform build support using CMake.- Bumped the soname, and now we have libIlmImf and libIlmImfUtil- Removed openexr-2.1.0-headers.patch- Updated openexr.keyring from the savannah project page.