Changelog for
libOpenEXR-3_2-31-3.2.2-lp156.124.3.x86_64.rpm :
* Wed Feb 14 2024 pgajdosAATTsuse.com- version update to 3.2.2 [bsc#1219498]
* [CVE-2023-5841](https://takeonme.org/cves/CVE-2023-5841.html). Note that this bug is present in the C++ API (since v3.1.0), although it is in a routine that is predominantly used for development and testing. It is not likely to appear in production code.
* OSS-fuzz [66491](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66491) Out-of-memory in openexr_exrcorecheck_fuzzer
* OSS-fuzz [66489](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66489) Null-dereference in `Imf_3_3::realloc_deepdata`- deleted patches - openexr-CVE-2023-5841.patch (upstreamed)
* Wed Feb 07 2024 pgajdosAATTsuse.com- version update to 3.2.1 [#]# Version 3.2.0 (August 30, 2023)
* Zip compression via ``libdeflate``
* New camdkit/camdkit-enabled standard attributes
* Updated SO versioning policy
* Python bindings & PyPI wheel
* Miscellaneous improvements [#]# Version 3.2.1 (September 27, 2023)
* Fix for linking statically against an external ``libdeflate``
* Fix a compile error with ``OPENEXR_VERSION_HEX``
* Fix various compiler warnings
* Pkg-config generation is now on by default for all systems, including Windows- modified sources % baselibs.conf- added patches fix CVE-2023-5841 [bsc#1219498], heap-based buffer overflow in generic_unpack_deep() + openexr-CVE-2023-5841.patch
* Thu Aug 24 2023 pgajdosAATTsuse.com- version update to 3.1.11 [#]# Version 3.1.11 (August 13, 2023) Patch release that fixes a build failure with `-march=x86-64-v3`
* Initialize `regs[]` to 0 in `check_for_x86_simd`
* Fix CPUID detection with `-march=x86-64-v3` [#]# Version 3.1.10 (August 2, 2023) Patch release that addresses miscellaneous build issues, test failures, and performance regressions, as well as:
* OSS-fuzz [59457](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59457) Heap-buffer-overflow in `LossyDctDecoder_execute`
* Readdress #1456: disallow NaNs in `testOptimizedInterleavePatterns`
* Revert pre-computed values
* Fix handling for corrupt number of DC components
* Add `OPENEXR_MISSING_ARM_VLD1` workaround to `internal_dwa_simd.h`
* Fix Huffman performance regression on Linux/clang
* Fix range check in dwa compressor
* Fix build with i386 and musl libc
* Fix the code contains unhandled character
* Fix cpu detection of sse2 on non-64 x86
* Fix the code contains unhandled character
* Fix gcc-11 warnings: signed/unsigned integer comparison, unused variables
* Fix macOS and Windows build failures when threading is disabled
* Fix build error on win_arm64- deleted patches - 1488.patch (upstreamed)
* Tue Jul 18 2023 Guillaume GARDET
- Add patch to fix regression on non-SSE architectures https://github.com/AcademySoftwareFoundation/openexr/issues/1460:
* 1488.patch- Also disable \'DWA[AB]Compression\' test on aarch64 as the patch above fixes the issue for all targets, except aarch64
* Tue Jun 27 2023 pgajdosAATTsuse.com- version update to 3.1.9
* Patch release that addresses miscelleneous build and doc issues, as well as: . OSS-fuzz 59382 Heap-buffer-overflow in internal_huf_decompress
* Tue Jun 20 2023 Dirk Müller - update to 3.1.8:
* Support for DWA compression in OpenEXRCore
* Fix OSS-fuzz 59070 Stack-buffer-overflow in DwaCompressor_readChannelRules
* Sat Apr 15 2023 Dirk Müller - update to 3.1.7:
* Patch release that fixes a build regression on ARMv7, and fixes a build issue with zlib.
* Tue Mar 14 2023 Paolo Stivanin - update to 3.1.6:
* NEON optimizations for ZIP reading
* Enable fast Huffman & Huffman zig-zag transform for Arm Neon
* Support relative and absolute libdir/includedir in pkg-config generation
* Fix for reading memory mapped files with DWA compression
* Enable SSE4 support on Windows
* Fast huf decoder- Drop gcc13-fix.patch
* Mon Mar 06 2023 Martin Liška - Add upstream fix gcc13-fix.patch.
* Mon Feb 27 2023 pgajdosAATTsuse.com- fltk not needed (openexr-3.1.5/ASWF/tsc-meetings/2021-01-14.md)
* Thu Dec 08 2022 pgajdosAATTsuse.com- skip testMultiTiledPartThreading for ppc64le [bsc#1205885]
* Sat Nov 05 2022 Hans-Peter Jansen - Add _constraints: 6000 MiB memory
* Mon May 02 2022 Dirk Müller - update to 3.1.5:
* Add backwards-compatibilty flags to the core library to match original behavior of the the c++ library. Fixes reading of certain files by the new core.
* Fix build failures on MSVC14 and MSVC 2022
* Fix build failure on latest 64-bit Ubuntu
* Documentation refers to primary branch as \"main\"
* Update the CI workflow matrix to VFX-CY2022
* Update auto-fetch Imath version to v3.1.5 Specific OSS-fuzz issues:
* OSS-fuzz [46309](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46309) Heap-buffer-overflow in Imf_3_1::memstream_read
* OSS-fuzz [46083](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46083) Out-of-memory in openexr_exrcheck_fuzzer
* OSS-fuzz [45899](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45899) Integer-overflow in internal_exr_compute_chunk_offset_size
* OSS-fuzz [44084](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44084) Out-of-memory in openexr_exrcheck_fuzzer
* Mon Feb 14 2022 Dirk Müller - update to 3.1.4 (bsc#1194333):
* Several bug fixes to properly reject invalid input upon read
* A check to enable SSE2 when building with Visual Studio
* A check to fix building with VisualStudio on ARM64
* Update the automatically-downloaded version of Imath to v3.1.4
* Miscellaneous documentation improvements- drop openexr-CVE-2021-45942.patch (upstream)
* Wed Jan 05 2022 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute + openexr-CVE-2021-45942.patch
* Tue Nov 09 2021 pgajdosAATTsuse.com- version update to 3.1.3 Patch release with a change to default zip compression level:
* Default zip compression level is now 4 (instead of 6), which in our tests improves compression times by 2x with only a tiny drop in compression ratio.
* ``setDefaultZipCompression()`` and ``setDefaultDwaCompression()`` now set default compression levels for writing.
* The Header how has ``zipCompressionLevel()`` and ``dwaCompressionLevel()`` to return the levels used for writing. Also, various bug fixes, build improvements, and documentation updates. In particular:
* Fixes a build failure with Imath prior to v3.1
* Fixes a bug in detecting invalid chromaticity values- deleted patches - openexr-fix-armv7-2.patch (upstreamed) - openexr-fix-armv7.patch (upstreamed)
* Tue Aug 31 2021 Guillaume GARDET - Add patch to fix OpenEXRCore.testHUF on armv7:
* openexr-fix-armv7.patch
* openexr-fix-armv7-2.patch
* Mon Aug 16 2021 pgajdosAATTsuse.com- devel package obsoletes and provides ilmbase-devel
* Fri Aug 13 2021 pgajdosAATTsuse.com- run spec-cleaner
* Fri Aug 13 2021 pgajdosAATTsuse.com- fix baselibs.conf- modified sources % baselibs.conf
* Fri Aug 13 2021 pgajdosAATTsuse.com- version update to 3.1.1 3.1.1
* Patch release that fixes build failures on various systems, introduces CMake CMAKE_CROSSCOMPILING_EMULATOR support, and fixes a few other minor issues. 3.1
* The 3.1 release of OpenEXR introduces a new library, OpenEXRCore, which is the result of a significant re-thinking of how OpenEXR manages file I/O and provides access to image data. It begins to address long-standing scalability issues with multithreaded image reading and writing. 3.0.1 Major release with major build restructing, security improvements, and new features:
* Restructuring: - The IlmBase/PyIlmBase submodules have been separated into the Imath project, now included by OpenEXR via a CMake submodule dependency, fetched automatically via CMake\'s FetchContent if necessary. - The library is now called ``libOpenEXR`` (instead of ``libIlmImf``). No header files have been renamed, they retain the ``Imf`` prefix. - Symbol linkage visibility is limited to specific public symbols.
* Build improvements: - No more simultaneous static/shared build option. - Community-provided support for bazel.
* New Features: - ID Manifest Attributes, as described in [\"A Scheme for Storing Object ID Manifests in OpenEXR Images\"](https://doi.org/10.1145/3233085.3233086), Peter Hillman, DigiPro 18: Proceedings of the 8th Annual Digital Production Symposium, August 2018. - New program: exrcheck validates the contents of an EXR file.
* Changes: - EXR files with no channels are no longer allowed. - Hard limit on the size of deep tile sizes; tiles must be less than 2^30 pixels. - Tiled DWAB files used STATIC_HUFFMAN compression. - ``Int64`` and ``SInt64`` types are deprecated in favor of ``uint64_t`` and ``int64_t``. - Header files have been pruned of extraneous ``#include``\'s (\"Include What You Use\"), which may generate compiler errors in application source code from undefined symbols or partially-defined types. These can be resolved by identifying and including the appropriate header. - See the [porting guide](https://github.com/AcademySoftwareFoundation/Imath/blob/master/docs/PortingGuide2-3.md) for details about differences from previous releases and how to address them. - Also refer to the porting guide for details about changes to Imath- deleted patches - 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch, renamed:- added patches fix https://github.com/AcademySoftwareFoundation/openexr/issues/595 + openexr-pkgconfig-fix-libdir.patch- deleted sources - _multibuild (not needed)- see CHANGES.md for details- deleted patches - openexr-pkgconfig-fix-libdir.patch (upstreamed)
* Tue Aug 03 2021 pgajdosAATTsuse.com- version update to 2.5.7 Patch release of 2.5 with security and build fixes:
* OSS-fuzz 28051 Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer
* OSS-fuzz 28155 Crash in Imf_2_5::PtrIStream::read
* Fix broken symlink and pkg-config lib suffix for cmake debug builds- modified patches % 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch (refreshed)- deleted patches - openexr-CVE-2021-3598.patch (upstreamed) - openexr-CVE-2021-3605.patch (upstreamed)
* Wed Jun 16 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function + openexr-CVE-2021-3605.patch
* Tue Jun 15 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars + openexr-CVE-2021-3598.patch
* Tue Jun 15 2021 pgajdosAATTsuse.com- version update to 2.5.6
* [#1013](https://github.com/AcademySoftwareFoundation/openexr/pull/1013) Fixed regression in Imath::succf() and Imath::predf() when negative values are given
* Wed Mar 31 2021 pgajdosAATTsuse.com- version update to 2.5.5 Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files, but also a fix for universal build support on macOS.- see CHANGES.md for details
* Thu Jan 07 2021 pgajdosAATTsuse.com- merge also baselibs.conf- modified sources % baselibs.conf
* Tue Jan 05 2021 pgajdosAATTsuse.com- merge ilmbase and openexr source packages into one _multibuild- added sources + _multibuild
* Tue Jan 05 2021 pgajdosAATTsuse.com- version update to 2.5.4
* Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files.
* Wed Sep 30 2020 pgajdosAATTsuse.com- version update to 2.5.3
* Various sanitizer/fuzz-identified issues related to handling of invalid input
* Fixes to misc compiler warnings
* Cmake fix for building on arm64 macOS (#772)
* Read performance optimization (#782)
* Fix for building on non-glibc (#798)
* Fixes to tests
* Tue Sep 15 2020 roAATTsuse.de- Disable testsuite also on s390/s390x, probably will not pass on any bigendian platform in current state
* Thu Jul 16 2020 Andreas Schwab - Disable testsuite also on ppc
* Sun Jul 05 2020 Stefan Brüns - Fix 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch so pkgconfig file has no duplicate prefix.- Run test suite also on all other archs but i586 and ppc64(be)
* Mon Jun 29 2020 pgajdosAATTsuse.com- version update to 2.5.2 2.5.2
* Invalid input could cause a heap-use-after-free error in DeepScanLineInputFile::DeepScanLineInputFile()
* Invalid chunkCount attributes could cause heap buffer overflow in getChunkOffsetTableSize()
* Invalid tiled input file could cause invalid memory access TiledInputFile::TiledInputFile()
* OpenEXRConfig.h now correctly sets OPENEXR_PACKAGE_STRING to \"OpenEXR\" (rather than \"IlmBase\") 2.5.1
* A patch release that corrects the SO version for the v2.5 release, which missed getting bumped in v2.5.0.
* This release also fixes an improper failure in IlmImfTest when running on ARMv7 and AAarch64. 2.5.0
* No more build-time header generation: toFloat.h, eLut.h, b44ExpLogTable.h, and dwaLookups.h are now ordinary header files, no longer generated on the fly.
* New StdISSTream class, an \"input\" stringstream version of StdOSStream
* New Matrix22 class in Imath
* Chromaticity comparison operator now includes white (formerly ignored)
* Various cmake fixes
* Bug fixes for various memory leaks
* Bug fixes for various invalid memory accesses
* New checks to detect damaged input files
* OpenEXR_Viewers has been deprecated, removed from the top-level cmake build and documentation.- modified patches % 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch (refreshed)- modified sources % baselibs.conf
* Thu Apr 16 2020 pgajdosAATTsuse.com- version update to 2.4.1
* Various fixes for memory leaks and invalid memory accesses
* Various fixes for integer overflow with large images.
* Various cmake fixes for build/install of python modules.
* ImfMisc.h is no longer installed, since it\'s a private header.- deleted patches - Fix-the-symlinks-creation.patch (upstreamed)
* Mon Feb 10 2020 Stefan Brüns - Fix relative paths in generated pkgconfig files: 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch
* Sun Nov 24 2019 Stefan Brüns - Fix build with older cmake package (Leap 15.0 up to 15.2), the included ctest macro does not accept extra parameters.
* Thu Nov 14 2019 Christophe Giboudeaux - Add Fix-the-symlinks-creation.patch to fix the symlinks creation.
* Mon Oct 07 2019 pgajdosAATTsuse.com- fix OpenEXR.pc
* Fri Oct 04 2019 pgajdosAATTsuse.com- increase timeout for IlmImf test
* Thu Sep 26 2019 pgajdosAATTsuse.com- version update to 2.4.0
* Completely re-written CMake configuration files
* Improved support for building on Windows, via CMake
* Improved support for building on macOS, via CMake
* All code compiles without warnings on gcc, clang, msvc
* Cleanup of license and copyright notices
* floating-point exception handling is disabled by default
* New Slice::Make method to reliably compute base pointer for a slice.
* Miscellaneous bug fixes
* CVE-2018-18444 Issue #351 Out of Memory
* CVE-2018-18443 Issue #350 heap-buffer-overflow- upstream does not provide gpg signature anymore https://github.com/openexr/openexr/issues/565- modified sources % baselibs.conf- deleted patches - openexr-CVE-2017-14988.patch (upstreamed) - openexr-CVE-2017-9111,9113,9115.patch (upstreamed) - openexr-CVE-2018-18444.patch (upstreamed)- deleted sources - openexr-2.3.0.tar.gz.sig (not needed) - openexr.keyring (not needed)
* Fri Sep 20 2019 pgajdosAATTsuse.com- testsuite only for x86_64 [bsc#1146648]
* Wed Aug 21 2019 Martin Pluskal - Enable tests on architectures with enough memory - boo#1146648
* disable imffuzztest as it takes to much resources
* Mon Jul 15 2019 pgajdosAATTsuse.com- security update- added patches CVE-2017-14988 [bsc#1061305] + openexr-CVE-2017-14988.patch
* Fri Jun 14 2019 pgajdosAATTsuse.com- security update- added patches CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 [bsc#1040115] + openexr-CVE-2017-9111,9113,9115.patch
* Wed Nov 07 2018 Jan Engelhardt - Codify new ilmbase requirements.
* Wed Nov 07 2018 Petr Gajdos - security update
* CVE-2018-18444 [bsc#1113455] + openexr-CVE-2018-18444.patch
* Tue Nov 06 2018 Petr Gajdos - asan_build: build ASAN included- debug_build: build more suitable for debugging
* Mon Nov 05 2018 Jan Engelhardt - Remove useless --with-pic.- Adjust RPM groups and repair sentence structure.
* Mon Nov 05 2018 Petr Gajdos - updated to 2.3.0
* ThreadPool overhead improvements, enable custom thread pool to be registered via ThreadPoolProvider class
* Fixes to enable custom namespaces for Iex, Imf
* Improve read performance for deep/zipped data, and SIMD-accelerated uncompress support
* Added rawPixelDataToBuffer() function for access to compressed scanlines
* Iex::BaseExc no longer derived from std::string.
* Imath throw() specifiers removed
* Initial Support for Python 3
* removed patch
* Mon Jan 15 2018 avindraAATTopensuse.org- Update to 2.2.1
* Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116- pgajdosAATTsuse.com: but really seem to fix only: CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for the rest of issues see [bsc#1040109], [bsc#1040112], [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305]
* Wed Jul 12 2017 tchvatalAATTsuse.com- Cleanup a bit with spec-cleaner
* Thu Jan 29 2015 mlinAATTsuse.com- Update to 2.2.0
* DreamWorks Lossy Compression A new high quality, high performance lossy compression codec contributed by DreamWorks Animation. This codec allows control over variable lossiness to balance visual quality and file size. This contribution also includes performance improvements that speed up the PIZ codec.
* IlmImfUtil A new library intended to aid in development of image file manipulation utilities that support the many types of OpenEXR images.
* This release also includes improvements to cross-platform build support using CMake.- Bumped the soname, and now we have libIlmImf and libIlmImfUtil- Removed openexr-2.1.0-headers.patch- Updated openexr.keyring from the savannah project page.