Hello community, here is the log from the commit of package openexr for openSUSE:Factory checked in at 2018-11-12 09:50:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openexr (Old) and /work/SRC/openSUSE:Factory/.openexr.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openexr" Mon Nov 12 09:50:57 2018 rev:28 rq:647258 version:2.3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/openexr/openexr.changes 2018-02-15 13:20:32.574790767 +0100 +++ /work/SRC/openSUSE:Factory/.openexr.new/openexr.changes 2018-11-12 09:51:32.944273293 +0100 @@ -1,0 +2,40 @@ +Wed Nov 7 11:07:19 UTC 2018 - Jan Engelhardt <jeng...@inai.de> + +- Codify new ilmbase requirements. + +------------------------------------------------------------------- +Wed Nov 7 09:42:59 UTC 2018 - Petr Gajdos <pgaj...@suse.com> + +- security update + * CVE-2018-18444 [bsc#1113455] + + openexr-CVE-2018-18444.patch + +------------------------------------------------------------------- +Tue Nov 6 09:35:55 UTC 2018 - Petr Gajdos <pgaj...@suse.com> + +- asan_build: build ASAN included +- debug_build: build more suitable for debugging + +------------------------------------------------------------------- +Mon Nov 5 13:22:33 UTC 2018 - Jan Engelhardt <jeng...@inai.de> + +- Remove useless --with-pic. +- Adjust RPM groups and repair sentence structure. + +------------------------------------------------------------------- +Mon Nov 5 11:19:12 UTC 2018 - Petr Gajdos <pgaj...@suse.com> + +- updated to 2.3.0 + * ThreadPool overhead improvements, enable custom thread pool + to be registered via ThreadPoolProvider class + * Fixes to enable custom namespaces for Iex, Imf + * Improve read performance for deep/zipped data, and + SIMD-accelerated uncompress support + * Added rawPixelDataToBuffer() function for access to + compressed scanlines + * Iex::BaseExc no longer derived from std::string. + * Imath throw() specifiers removed + * Initial Support for Python 3 + * removed patch + +------------------------------------------------------------------- Old: ---- openexr-2.2.1.tar.gz openexr-2.2.1.tar.gz.sig New: ---- openexr-2.3.0.tar.gz openexr-2.3.0.tar.gz.sig openexr-CVE-2018-18444.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openexr.spec ++++++ --- /var/tmp/diff_new_pack.oePiU2/_old 2018-11-12 09:51:35.196269921 +0100 +++ /var/tmp/diff_new_pack.oePiU2/_new 2018-11-12 09:51:35.196269921 +0100 @@ -12,32 +12,45 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -%global so_suffix -2_2-23 +# perhaps you want to build against corresponding ilmbase build +%define asan_build 0 +%define debug_build 0 +%define sonum 24 +%global so_suffix -2_3-24 # tests should run at least during local build # but do expect a HUGE number of memory, so beware %bcond_with tests Name: openexr -Version: 2.2.1 +Version: 2.3.0 Release: 0 -Summary: Utilities for work with HDR images in OpenEXR format +Summary: Utilities for working with HDR images in OpenEXR format License: BSD-3-Clause Group: Productivity/Graphics/Other Url: http://www.openexr.com/ -Source0: http://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz -Source1: http://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz.sig +Source0: https://github.com/openexr/openexr/releases/download/v%{version}/openexr-%{version}.tar.gz +Source1: https://github.com/openexr/openexr/releases/download/v%{version}/openexr-%{version}.tar.gz.sig Source2: baselibs.conf Source3: openexr.keyring +Patch0: openexr-CVE-2018-18444.patch BuildRequires: automake BuildRequires: fltk-devel BuildRequires: freeglut-devel BuildRequires: gcc-c++ BuildRequires: pkgconfig -BuildRequires: pkgconfig(IlmBase) >= 2.2.0 +BuildRequires: pkgconfig(IlmBase) >= 2.3.0 BuildRequires: pkgconfig(zlib) +%if %{asan_build} || %{debug_build} +BuildRequires: ilmbase-debugsource +BuildRequires: libHalf%{sonum}-debuginfo +BuildRequires: libIex%{so_suffix}-debuginfo +BuildRequires: libIexMath%{so_suffix}-debuginfo +BuildRequires: libIlmThread%{so_suffix}-debuginfo +BuildRequires: libImath%{so_suffix}-debuginfo +%endif Obsoletes: OpenEXR <= 1.6.1 Provides: OpenEXR = %{version} @@ -56,7 +69,7 @@ %package -n libIlmImf%{so_suffix} Summary: Library to Handle EXR Pictures in 16-Bit Floating-Point Format -Group: Development/Libraries/C and C++ +Group: System/Libraries %description -n libIlmImf%{so_suffix} OpenEXR is a high dynamic-range (HDR) image file format developed by @@ -68,12 +81,12 @@ %postun -n libIlmImf%{so_suffix} -p /sbin/ldconfig %files -n libIlmImf%{so_suffix} -%doc COPYING +%license LICENSE %{_libdir}/libIlmImf-*.so.* %package -n libIlmImfUtil%{so_suffix} Summary: Library to simplify development of OpenEXR utilities -Group: Development/Libraries/C and C++ +Group: System/Libraries %description -n libIlmImfUtil%{so_suffix} OpenEXR is a high dynamic-range (HDR) image file format developed by @@ -85,15 +98,15 @@ %postun -n libIlmImfUtil%{so_suffix} -p /sbin/ldconfig %files -n libIlmImfUtil%{so_suffix} -%doc COPYING +%license LICENSE %{_libdir}/libIlmImfUtil-*.so.* %package devel -Summary: Library to Handle EXR Pictures (16-bit floating-point format) +Summary: Development files for the 16-bit FP EXR picture handling library Group: Development/Libraries/C and C++ Requires: libIlmImf%{so_suffix} = %{version} Requires: libIlmImfUtil%{so_suffix} = %{version} -Requires: libilmbase-devel +Requires: libilmbase-devel >= 2.3.0 Requires: pkgconfig Requires: pkgconfig(zlib) Obsoletes: OpenEXR-devel <= 1.6.1 @@ -108,8 +121,8 @@ This package contains header files. %package doc -Summary: Library to Handle EXR Pictures in 16-Bit Floating-Point Format -Group: Development/Libraries/C and C++ +Summary: Documentatino for the 16-bit FP EXR picture handling library +Group: Documentation/PDF Obsoletes: OpenEXR-doc <= 1.6.1 Provides: OpenEXR-doc = %{version} @@ -117,45 +130,50 @@ OpenEXR is a high dynamic-range (HDR) image file format developed by Industrial Light & Magic for use in computer imaging applications. -This package contains a documentation +This package contains documentation. %prep %setup -q - -# poor man's fdupes -if cmp COPYING LICENSE; then - rm -rf LICENSE - ln -sf COPYING LICENSE -fi - -# remove non-linux file -rm README.OSX +%patch0 -p1 %build export PTHREAD_LIBS="-lpthread" +%if %{debug_build} +export CXXFLAGS="%{optflags} -O0" +%endif %configure \ + --docdir=%{_docdir}/%{name} \ --disable-static \ - --with-pic \ --enable-large-stack \ --enable-imfexamples \ --enable-imffuzztest \ --enable-imfhugetest +%if %{asan_build} +vmemlimit=$(ulimit -v) +if [ $vmemlimit != unlimited ]; then + echo "ulimit -v has to be unlimited (currently $vmemlimit) to run ASAN build" + exit 1 +fi +for i in $(find -name Makefile); do + sed -i -e 's/\(^CXXFLAGS.*\)/\1 -fsanitize=address/' \ + -e 's/\(^LIBS =.*\)/\1 -lasan/' \ + $i +done +%endif make %{?_smp_mflags} %install %make_install find %{buildroot} -type f -name "*.la" -delete -print -install -d -m 0755 %{buildroot}%{_defaultdocdir}/ -mv %{buildroot}%{_datadir}/doc/OpenEXR-2* %{buildroot}%{_defaultdocdir}/%{name}-%{version} - %check %if %{with tests} make %{?_smp_mflags} check %endif %files -%doc AUTHORS ChangeLog COPYING LICENSE NEWS README* +%license LICENSE +%doc AUTHORS ChangeLog NEWS README* %{_bindir}/exrenvmap %{_bindir}/exrheader %{_bindir}/exrmakepreview @@ -172,6 +190,10 @@ %{_datadir}/aclocal/openexr.m4 %files doc -%{_docdir}/%{name}-%{version} +%{_docdir}/%{name} +%exclude %{_docdir}/%{name}/AUTHORS +%exclude %{_docdir}/%{name}/ChangeLog +%exclude %{_docdir}/%{name}/NEWS +%exclude %{_docdir}/%{name}/README* %changelog ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.oePiU2/_old 2018-11-12 09:51:35.220269885 +0100 +++ /var/tmp/diff_new_pack.oePiU2/_new 2018-11-12 09:51:35.220269885 +0100 @@ -1,3 +1,3 @@ -libIlmImf-2_2-23 -libIlmImfUtil-2_2-23 +libIlmImf-2_3-24 +libIlmImfUtil-2_3-24 obsoletes "OpenEXR-<targettype> < <version>" ++++++ openexr-2.2.1.tar.gz -> openexr-2.3.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/openexr/openexr-2.2.1.tar.gz /work/SRC/openSUSE:Factory/.openexr.new/openexr-2.3.0.tar.gz differ: char 5, line 1 ++++++ openexr-CVE-2018-18444.patch ++++++ Index: openexr-2.3.0/exrmultiview/Image.h =================================================================== --- openexr-2.3.0.orig/exrmultiview/Image.h 2018-08-10 03:35:00.000000000 +0200 +++ openexr-2.3.0/exrmultiview/Image.h 2018-11-07 09:07:48.072431858 +0100 @@ -227,7 +227,7 @@ template <class T> void TypedImageChannel<T>::black () { - memset(&_pixels[0][0],0,image().width()/_xSampling*image().height()/_ySampling*sizeof(T)); + memset(&_pixels[0][0],0,image().width()/_xSampling*(image().height()/_ySampling)*sizeof(T)); }
