Hello community, here is the log from the commit of package openexr for openSUSE:Factory checked in at 2018-02-15 13:20:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openexr (Old) and /work/SRC/openSUSE:Factory/.openexr.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openexr" Thu Feb 15 13:20:29 2018 rev:27 rq:575815 version:2.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/openexr/openexr.changes 2017-07-17 09:02:17.318885371 +0200 +++ /work/SRC/openSUSE:Factory/.openexr.new/openexr.changes 2018-02-15 13:20:32.574790767 +0100 @@ -1,0 +2,13 @@ +Mon Jan 15 05:19:19 UTC 2018 - [email protected] + +- Update to 2.2.1 + * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, + CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, + CVE-2017-9115 and CVE-2017-9116 +- [email protected]: but really seem to fix only: + CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], + CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for + the rest of issues see [bsc#1040109], [bsc#1040112], + [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305] + +------------------------------------------------------------------- Old: ---- openexr-2.2.0.tar.gz openexr-2.2.0.tar.gz.sig New: ---- openexr-2.2.1.tar.gz openexr-2.2.1.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openexr.spec ++++++ --- /var/tmp/diff_new_pack.X8bLEP/_old 2018-02-15 13:20:33.554755250 +0100 +++ /var/tmp/diff_new_pack.X8bLEP/_new 2018-02-15 13:20:33.558755105 +0100 @@ -1,7 +1,7 @@ # # spec file for package openexr # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,12 +16,12 @@ # -%global so_suffix -2_2-22 +%global so_suffix -2_2-23 # tests should run at least during local build # but do expect a HUGE number of memory, so beware %bcond_with tests Name: openexr -Version: 2.2.0 +Version: 2.2.1 Release: 0 Summary: Utilities for work with HDR images in OpenEXR format License: BSD-3-Clause @@ -36,7 +36,7 @@ BuildRequires: freeglut-devel BuildRequires: gcc-c++ BuildRequires: pkgconfig -BuildRequires: pkgconfig(IlmBase) = %{version} +BuildRequires: pkgconfig(IlmBase) >= 2.2.0 BuildRequires: pkgconfig(zlib) Obsoletes: OpenEXR <= 1.6.1 Provides: OpenEXR = %{version} @@ -128,8 +128,8 @@ ln -sf COPYING LICENSE fi -# remove a non-linux file -rm README.win32 README.OSX +# remove non-linux file +rm README.OSX %build export PTHREAD_LIBS="-lpthread" ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.X8bLEP/_old 2018-02-15 13:20:33.594753800 +0100 +++ /var/tmp/diff_new_pack.X8bLEP/_new 2018-02-15 13:20:33.594753800 +0100 @@ -1,3 +1,3 @@ -libIlmImf-2_2-22 -libIlmImfUtil-2_2-22 +libIlmImf-2_2-23 +libIlmImfUtil-2_2-23 obsoletes "OpenEXR-<targettype> < <version>" ++++++ openexr-2.2.0.tar.gz -> openexr-2.2.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/openexr/openexr-2.2.0.tar.gz /work/SRC/openSUSE:Factory/.openexr.new/openexr-2.2.1.tar.gz differ: char 5, line 1 ++++++ openexr.keyring ++++++ Binary files /var/tmp/diff_new_pack.X8bLEP/_old and /var/tmp/diff_new_pack.X8bLEP/_new differ
