Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openexr for openSUSE:Factory checked in at 2024-02-14 23:18:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openexr (Old) and /work/SRC/openSUSE:Factory/.openexr.new.1815 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openexr" Wed Feb 14 23:18:56 2024 rev:62 rq:1146590 version:3.2.2 Changes: -------- --- /work/SRC/openSUSE:Factory/openexr/openexr.changes 2023-09-01 14:19:28.248788731 +0200 +++ /work/SRC/openSUSE:Factory/.openexr.new.1815/openexr.changes 2024-02-14 23:18:57.508728227 +0100 @@ -1,0 +2,36 @@ +Wed Feb 14 14:32:50 UTC 2024 - [email protected] + +- version update to 3.2.2 [bsc#1219498] + * [CVE-2023-5841](https://takeonme.org/cves/CVE-2023-5841.html). + Note that this bug is present in the C++ API (since v3.1.0), although + it is in a routine that is predominantly used for development and + testing. It is not likely to appear in production code. + * OSS-fuzz [66491](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66491) + Out-of-memory in openexr_exrcorecheck_fuzzer + * OSS-fuzz [66489](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66489) + Null-dereference in `Imf_3_3::realloc_deepdata` +- deleted patches + - openexr-CVE-2023-5841.patch (upstreamed) + +------------------------------------------------------------------- +Wed Feb 7 10:31:23 UTC 2024 - [email protected] + +- version update to 3.2.1 + ## Version 3.2.0 (August 30, 2023) + * Zip compression via ``libdeflate`` + * New camdkit/camdkit-enabled standard attributes + * Updated SO versioning policy + * Python bindings & PyPI wheel + * Miscellaneous improvements + ## Version 3.2.1 (September 27, 2023) + * Fix for linking statically against an external ``libdeflate`` + * Fix a compile error with ``OPENEXR_VERSION_HEX`` + * Fix various compiler warnings + * Pkg-config generation is now on by default for all systems, including Windows +- modified sources + % baselibs.conf +- added patches + fix CVE-2023-5841 [bsc#1219498], heap-based buffer overflow in generic_unpack_deep() + + openexr-CVE-2023-5841.patch + +------------------------------------------------------------------- Old: ---- v3.1.11.tar.gz New: ---- v3.2.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openexr.spec ++++++ --- /var/tmp/diff_new_pack.iVAq2e/_old 2024-02-14 23:18:58.344758368 +0100 +++ /var/tmp/diff_new_pack.iVAq2e/_new 2024-02-14 23:18:58.344758368 +0100 @@ -1,7 +1,7 @@ # # spec file for package openexr # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,10 +19,10 @@ %define prjname openexr # perhaps you want to build against corresponding Imath build %define debug_build 0 -%define sonum 30 -%global so_suffix -3_1 +%define sonum 31 +%global so_suffix -3_2 Name: openexr -Version: 3.1.11 +Version: 3.2.2 Release: 0 Summary: Utilities for working with HDR images in OpenEXR format License: BSD-3-Clause @@ -35,6 +35,7 @@ BuildRequires: gcc-c++ BuildRequires: pkgconfig BuildRequires: pkgconfig(Imath) +BuildRequires: pkgconfig(libdeflate) BuildRequires: pkgconfig(zlib) Obsoletes: OpenEXR <= 1.6.1 Provides: OpenEXR = %{version} @@ -136,6 +137,7 @@ Group: Documentation/Other Obsoletes: OpenEXR-doc <= 1.6.1 Provides: OpenEXR-doc = %{version} +BuildArch: noarch %description doc OpenEXR is a high dynamic-range (HDR) image file format developed by @@ -159,6 +161,16 @@ %cmake_install %check +# bin tests download test data from internet +EXCLUDE_REGEX='OpenEXR.bin' +%ifarch ppc64le +# bsc#1205885 +EXCLUDE_REGEX="$EXCLUDE_REGEX|testMultiTiledPartThreading" +%endif +%ifarch aarch64 +# https://github.com/AcademySoftwareFoundation/openexr/issues/1460 +EXCLUDE_REGEX="$EXCLUDE_REGEX|DWA[AB]Compression" +%endif # test failure on LE: https://github.com/AcademySoftwareFoundation/openexr/issues/1460 %ifnarch i586 ppc ppc64 s390 s390x export LD_LIBRARY_PATH="%{buildroot}/%{_libdir}" @@ -166,19 +178,9 @@ %if 0%{?suse_version} < 1550 # HACK - older versions of the ctest macro do not allow passing additional parameters %global __ctest %{__ctest} --timeout 3600 -%ctest -%else -%ifarch ppc64le -# bsc#1205885 -EXCLUDE_REGEX='testMultiTiledPartThreading' -%endif -%ifarch aarch64 -# https://github.com/AcademySoftwareFoundation/openexr/issues/1460 -EXCLUDE_REGEX='DWA[AB]Compression' %endif %ctest --exclude-regex "$EXCLUDE_REGEX" --timeout 3600 %endif -%endif %post -n libIex%{so_suffix}-%{sonum} -p /sbin/ldconfig %postun -n libIex%{so_suffix}-%{sonum} -p /sbin/ldconfig ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.iVAq2e/_old 2024-02-14 23:18:58.372759377 +0100 +++ /var/tmp/diff_new_pack.iVAq2e/_new 2024-02-14 23:18:58.376759521 +0100 @@ -1,6 +1,6 @@ -libOpenEXR-3_1-30 -libOpenEXRCore-3_1-30 -libOpenEXRUtil-3_1-30 -libIlmThread-3_1-30 -libIex-3_1-30 +libOpenEXR-3_2-31 +libOpenEXRCore-3_2-31 +libOpenEXRUtil-3_2-31 +libIlmThread-3_2-31 +libIex-3_2-31 ++++++ v3.1.11.tar.gz -> v3.2.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/openexr/v3.1.11.tar.gz /work/SRC/openSUSE:Factory/.openexr.new.1815/v3.2.2.tar.gz differ: char 13, line 1
