Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package OpenColorIO for openSUSE:Factory checked in at 2026-05-17 18:57:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/OpenColorIO (Old) and /work/SRC/openSUSE:Factory/.OpenColorIO.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "OpenColorIO" Sun May 17 18:57:10 2026 rev:31 rq:1353592 version:2.5.2 Changes: -------- --- /work/SRC/openSUSE:Factory/OpenColorIO/OpenColorIO.changes 2026-01-13 21:34:35.620068515 +0100 +++ /work/SRC/openSUSE:Factory/.OpenColorIO.new.1966/OpenColorIO.changes 2026-05-17 18:57:29.269925989 +0200 @@ -1,0 +2,32 @@ +Wed May 13 19:45:36 UTC 2026 - Marcus Rueckert <[email protected]> + +- Update to 2.5.2 + - Security fix: + - PR #2307, Improve LUT loading checks (CVE-2026-42450) + - This PR addressed the following GitHub security reports. + These were all potential stack buffer overflow + vulnerabilities due to unsafe use of sscanf in the parsers + for .spi3d, .spi1d, .cube, and .lut formats: + - GHSA-rxp3-rrgx-f547 + - GHSA-66xr-9rgw-v6m8 + - GHSA-28jr-x9w2-5pc4 + - GHSA-fgx7-35rr-5mx2 + - Bug fixes and security enhancements: + - PR #2270, Fix vector comparison expression for HLSL + - PR #2276, Adsk Contrib - Hue curve python binding was not + copying all parameters + - PR #2281, Fix OpenGL ES type issues in ACES2 FixedFunction + Ops + - PR #2308, Adsk Contrib - Miscellaneous improvements suggested + by Claude + - Build, documentation, and website enhancements: + - PR #2304, Add /bigobj for pybind11 target on Windows + - PR #2273, Fix linking to self-built deps on Windows + Clang + - PR #2302, Improve CMake and Actions settings + - PR #2285, Adsk Contrib - Update Python documentation + requirements + - PR #2252, Update 2.5 documentation regarding ABI + compatability + - PR #2264, Add more info to the documentation overview page + +------------------------------------------------------------------- Old: ---- v2.5.1.tar.gz New: ---- v2.5.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ OpenColorIO.spec ++++++ --- /var/tmp/diff_new_pack.tptGph/_old 2026-05-17 18:57:29.921952590 +0200 +++ /var/tmp/diff_new_pack.tptGph/_new 2026-05-17 18:57:29.925952753 +0200 @@ -32,7 +32,7 @@ %else Name: OpenColorIO-tools %endif -Version: 2.5.1 +Version: 2.5.2 Release: 0 Summary: Color Management Solution Geared Towards Motion Picture Production License: BSD-3-Clause ++++++ v2.5.1.tar.gz -> v2.5.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/OpenColorIO/v2.5.1.tar.gz /work/SRC/openSUSE:Factory/.OpenColorIO.new.1966/v2.5.2.tar.gz differ: char 13, line 1
