|
|
|
|
Changelog for libIlmThread-3_2-31-32bit-3.2.3-122.16.x86_64.rpm :
* Fri Mar 22 2024 Daniel Weatherill - version update to 3.2.3 * Patch release with various build/bug/documentation fixes * Fix bug OSS-fuzz 66676 Null-dereference in Imf_3_3::realloc_deepdata * Fix bug OSS-fuzz 66612 Null-dereference in Imf_3_3::realloc_deepdata * Wed Feb 14 2024 pgajdosAATTsuse.com- version update to 3.2.2 [bsc#1219498] * [CVE-2023-5841](https://takeonme.org/cves/CVE-2023-5841.html). Note that this bug is present in the C++ API (since v3.1.0), although it is in a routine that is predominantly used for development and testing. It is not likely to appear in production code. * OSS-fuzz [66491](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66491) Out-of-memory in openexr_exrcorecheck_fuzzer * OSS-fuzz [66489](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66489) Null-dereference in `Imf_3_3::realloc_deepdata`- deleted patches - openexr-CVE-2023-5841.patch (upstreamed) * Wed Feb 07 2024 pgajdosAATTsuse.com- version update to 3.2.1 [#]# Version 3.2.0 (August 30, 2023) * Zip compression via ``libdeflate`` * New camdkit/camdkit-enabled standard attributes * Updated SO versioning policy * Python bindings & PyPI wheel * Miscellaneous improvements [#]# Version 3.2.1 (September 27, 2023) * Fix for linking statically against an external ``libdeflate`` * Fix a compile error with ``OPENEXR_VERSION_HEX`` * Fix various compiler warnings * Pkg-config generation is now on by default for all systems, including Windows- modified sources % baselibs.conf- added patches fix CVE-2023-5841 [bsc#1219498], heap-based buffer overflow in generic_unpack_deep() + openexr-CVE-2023-5841.patch * Thu Aug 24 2023 pgajdosAATTsuse.com- version update to 3.1.11 [#]# Version 3.1.11 (August 13, 2023) Patch release that fixes a build failure with `-march=x86-64-v3` * Initialize `regs[]` to 0 in `check_for_x86_simd` * Fix CPUID detection with `-march=x86-64-v3` [#]# Version 3.1.10 (August 2, 2023) Patch release that addresses miscellaneous build issues, test failures, and performance regressions, as well as: * OSS-fuzz [59457](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59457) Heap-buffer-overflow in `LossyDctDecoder_execute` * Readdress #1456: disallow NaNs in `testOptimizedInterleavePatterns` * Revert pre-computed values * Fix handling for corrupt number of DC components * Add `OPENEXR_MISSING_ARM_VLD1` workaround to `internal_dwa_simd.h` * Fix Huffman performance regression on Linux/clang * Fix range check in dwa compressor * Fix build with i386 and musl libc * Fix the code contains unhandled character * Fix cpu detection of sse2 on non-64 x86 * Fix the code contains unhandled character * Fix gcc-11 warnings: signed/unsigned integer comparison, unused variables * Fix macOS and Windows build failures when threading is disabled * Fix build error on win_arm64- deleted patches - 1488.patch (upstreamed) * Tue Jul 18 2023 Guillaume GARDET - Add patch to fix regression on non-SSE architectures https://github.com/AcademySoftwareFoundation/openexr/issues/1460: * 1488.patch- Also disable \'DWA[AB]Compression\' test on aarch64 as the patch above fixes the issue for all targets, except aarch64 * Tue Jun 27 2023 pgajdosAATTsuse.com- version update to 3.1.9 * Patch release that addresses miscelleneous build and doc issues, as well as: . OSS-fuzz 59382 Heap-buffer-overflow in internal_huf_decompress * Tue Jun 20 2023 Dirk Müller - update to 3.1.8: * Support for DWA compression in OpenEXRCore * Fix OSS-fuzz 59070 Stack-buffer-overflow in DwaCompressor_readChannelRules * Sat Apr 15 2023 Dirk Müller - update to 3.1.7: * Patch release that fixes a build regression on ARMv7, and fixes a build issue with zlib. * Tue Mar 14 2023 Paolo Stivanin - update to 3.1.6: * NEON optimizations for ZIP reading * Enable fast Huffman & Huffman zig-zag transform for Arm Neon * Support relative and absolute libdir/includedir in pkg-config generation * Fix for reading memory mapped files with DWA compression * Enable SSE4 support on Windows * Fast huf decoder- Drop gcc13-fix.patch * Mon Mar 06 2023 Martin Liška - Add upstream fix gcc13-fix.patch. * Mon Feb 27 2023 pgajdosAATTsuse.com- fltk not needed (openexr-3.1.5/ASWF/tsc-meetings/2021-01-14.md) * Thu Dec 08 2022 pgajdosAATTsuse.com- skip testMultiTiledPartThreading for ppc64le [bsc#1205885] * Sat Nov 05 2022 Hans-Peter Jansen - Add _constraints: 6000 MiB memory * Mon May 02 2022 Dirk Müller - update to 3.1.5: * Add backwards-compatibilty flags to the core library to match original behavior of the the c++ library. Fixes reading of certain files by the new core. * Fix build failures on MSVC14 and MSVC 2022 * Fix build failure on latest 64-bit Ubuntu * Documentation refers to primary branch as \"main\" * Update the CI workflow matrix to VFX-CY2022 * Update auto-fetch Imath version to v3.1.5 Specific OSS-fuzz issues: * OSS-fuzz [46309](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46309) Heap-buffer-overflow in Imf_3_1::memstream_read * OSS-fuzz [46083](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46083) Out-of-memory in openexr_exrcheck_fuzzer * OSS-fuzz [45899](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45899) Integer-overflow in internal_exr_compute_chunk_offset_size * OSS-fuzz [44084](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44084) Out-of-memory in openexr_exrcheck_fuzzer * Mon Feb 14 2022 Dirk Müller - update to 3.1.4 (bsc#1194333): * Several bug fixes to properly reject invalid input upon read * A check to enable SSE2 when building with Visual Studio * A check to fix building with VisualStudio on ARM64 * Update the automatically-downloaded version of Imath to v3.1.4 * Miscellaneous documentation improvements- drop openexr-CVE-2021-45942.patch (upstream) * Wed Jan 05 2022 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute + openexr-CVE-2021-45942.patch * Tue Nov 09 2021 pgajdosAATTsuse.com- version update to 3.1.3 Patch release with a change to default zip compression level: * Default zip compression level is now 4 (instead of 6), which in our tests improves compression times by 2x with only a tiny drop in compression ratio. * ``setDefaultZipCompression()`` and ``setDefaultDwaCompression()`` now set default compression levels for writing. * The Header how has ``zipCompressionLevel()`` and ``dwaCompressionLevel()`` to return the levels used for writing. Also, various bug fixes, build improvements, and documentation updates. In particular: * Fixes a build failure with Imath prior to v3.1 * Fixes a bug in detecting invalid chromaticity values- deleted patches - openexr-fix-armv7-2.patch (upstreamed) - openexr-fix-armv7.patch (upstreamed) * Tue Aug 31 2021 Guillaume GARDET - Add patch to fix OpenEXRCore.testHUF on armv7: * openexr-fix-armv7.patch * openexr-fix-armv7-2.patch * Mon Aug 16 2021 pgajdosAATTsuse.com- devel package obsoletes and provides ilmbase-devel * Fri Aug 13 2021 pgajdosAATTsuse.com- run spec-cleaner * Fri Aug 13 2021 pgajdosAATTsuse.com- fix baselibs.conf- modified sources % baselibs.conf * Fri Aug 13 2021 pgajdosAATTsuse.com- version update to 3.1.1 3.1.1 * Patch release that fixes build failures on various systems, introduces CMake CMAKE_CROSSCOMPILING_EMULATOR support, and fixes a few other minor issues. 3.1 * The 3.1 release of OpenEXR introduces a new library, OpenEXRCore, which is the result of a significant re-thinking of how OpenEXR manages file I/O and provides access to image data. It begins to address long-standing scalability issues with multithreaded image reading and writing. 3.0.1 Major release with major build restructing, security improvements, and new features: * Restructuring: - The IlmBase/PyIlmBase submodules have been separated into the Imath project, now included by OpenEXR via a CMake submodule dependency, fetched automatically via CMake\'s FetchContent if necessary. - The library is now called ``libOpenEXR`` (instead of ``libIlmImf``). No header files have been renamed, they retain the ``Imf`` prefix. - Symbol linkage visibility is limited to specific public symbols. * Build improvements: - No more simultaneous static/shared build option. - Community-provided support for bazel. * New Features: - ID Manifest Attributes, as described in [\"A Scheme for Storing Object ID Manifests in OpenEXR Images\"](https://doi.org/10.1145/3233085.3233086), Peter Hillman, DigiPro 18: Proceedings of the 8th Annual Digital Production Symposium, August 2018. - New program: exrcheck validates the contents of an EXR file. * Changes: - EXR files with no channels are no longer allowed. - Hard limit on the size of deep tile sizes; tiles must be less than 2^30 pixels. - Tiled DWAB files used STATIC_HUFFMAN compression. - ``Int64`` and ``SInt64`` types are deprecated in favor of ``uint64_t`` and ``int64_t``. - Header files have been pruned of extraneous ``#include``\'s (\"Include What You Use\"), which may generate compiler errors in application source code from undefined symbols or partially-defined types. These can be resolved by identifying and including the appropriate header. - See the [porting guide](https://github.com/AcademySoftwareFoundation/Imath/blob/master/docs/PortingGuide2-3.md) for details about differences from previous releases and how to address them. - Also refer to the porting guide for details about changes to Imath- deleted patches - 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch, renamed:- added patches fix https://github.com/AcademySoftwareFoundation/openexr/issues/595 + openexr-pkgconfig-fix-libdir.patch- deleted sources - _multibuild (not needed)- see CHANGES.md for details- deleted patches - openexr-pkgconfig-fix-libdir.patch (upstreamed) * Tue Aug 03 2021 pgajdosAATTsuse.com- version update to 2.5.7 Patch release of 2.5 with security and build fixes: * OSS-fuzz 28051 Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer * OSS-fuzz 28155 Crash in Imf_2_5::PtrIStream::read * Fix broken symlink and pkg-config lib suffix for cmake debug builds- modified patches % 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch (refreshed)- deleted patches - openexr-CVE-2021-3598.patch (upstreamed) - openexr-CVE-2021-3605.patch (upstreamed) * Wed Jun 16 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function + openexr-CVE-2021-3605.patch * Tue Jun 15 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars + openexr-CVE-2021-3598.patch * Tue Jun 15 2021 pgajdosAATTsuse.com- version update to 2.5.6 * [#1013](https://github.com/AcademySoftwareFoundation/openexr/pull/1013) Fixed regression in Imath::succf() and Imath::predf() when negative values are given * Wed Mar 31 2021 pgajdosAATTsuse.com- version update to 2.5.5 Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files, but also a fix for universal build support on macOS.- see CHANGES.md for details * Thu Jan 07 2021 pgajdosAATTsuse.com- merge also baselibs.conf- modified sources % baselibs.conf * Tue Jan 05 2021 pgajdosAATTsuse.com- merge ilmbase and openexr source packages into one _multibuild- added sources + _multibuild * Tue Jan 05 2021 pgajdosAATTsuse.com- version update to 2.5.4 * Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files.
|
|
|