[pkgsrc/trunk]: pkgsrc/graphics/openexr openexr: update to 3.1.4.

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/graphics/openexr openexr: update to 3.1.4.
From: wiz <wiz%pkgsrc.org@localhost>
Date: Wed, 02 Feb 2022 15:50:46 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/99cdf964cf99
branches:  trunk
changeset: 372936:99cdf964cf99
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Wed Feb 02 14:48:18 2022 +0000

description:
openexr: update to 3.1.4.

## Version 3.1.4 (January 26, 2022)

Patch release that addresses various issues:

* Several bug fixes to properly reject invalid input upon read
* A check to enable SSE2 when building with Visual Studio
* A check to fix building with VisualStudio on ARM64
* Update the automatically-downloaded version of Imath to v3.1.4
* Miscellaneous documentation improvements

This addresses one public security vulnerability:

* [CVE-2021-45942](https://nvd.nist.gov/vuln/detail/CVE-2021-45942) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute

Specific OSS-fuzz issues:

* OSS-fuzz [43961](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43961) Heap-buffer-overflow in generic_unpack
* OSS-fuzz [43916](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43916) Heap-buffer-overflow in hufDecode
* OSS-fuzz [43763](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43763) Heap-buffer-overflow in internal_huf_decompress
* OSS-fuzz [43745](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43745) Floating-point-exception in internal_exr_compute_tile_information
* OSS-fuzz [43744](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43744) Divide-by-zero in internal_exr_compute_tile_information
* OSS-fuzz [42197](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42197) Out-of-memory in openexr_exrcheck_fuzzer
* OSS-fuzz [42001](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42001) Timeout in openexr_exrcheck_fuzzer
* OSS-fuzz [41999](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41999) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute
* OSS-fuzz [41669](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41669) Integer-overflow in Imf_3_1::rleUncompress
* OSS-fuzz [41625](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41625) Heap-buffer-overflow in uncompress_b44_impl
* OSS-fuzz [41416](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute
* OSS-fuzz [41075](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41075) Integer-overflow in Imf_3_1::copyIntoDeepFrameBuffer
* OSS-fuzz [40704](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40704) Crash in Imf_3_1::DeepTiledInputFile::readPixelSampleCounts
* OSS-fuzz [40702](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40702) Null-dereference in bool Imf_3_1::readDeepTile<Imf_3_1::DeepTiledInputFile>
* OSS-fuzz [40701](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40701) Null-dereference in bool Imf_3_1::readDeepTile<Imf_3_1::DeepTiledInputPart>
* OSS-fuzz [40423](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40423) Out-of-memory in openexr_exrcheck_fuzzer
* OSS-fuzz [40234](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40234) Heap-buffer-overflow in generic_unpack
* OSS-fuzz [40231](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40231) Heap-buffer-overflow in hufDecode
* OSS-fuzz [40091](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40091) Heap-buffer-overflow in hufDecode

Merged Pull Requests:

* [1225](https://github.com/AcademySoftwareFoundation/openexr/pull/1225)
Bazel build: Update Imath
* [1224](https://github.com/AcademySoftwareFoundation/openexr/pull/1224)
Add error check to prevent corrupt files trying to unpack
* [1223](https://github.com/AcademySoftwareFoundation/openexr/pull/1223)
Fix issues with a a "short" huf table and checking boundary conditions, missing return value
* [1222](https://github.com/AcademySoftwareFoundation/openexr/pull/1222)
Fix OSS Fuzz 43763, 43745
* [1218](https://github.com/AcademySoftwareFoundation/openexr/pull/1218)
OSS-Fuzz pass 15jan2022
* [1217](https://github.com/AcademySoftwareFoundation/openexr/pull/1217)
Added missing check _M_IX86 or _M_X64 when using __lzcnt.
* [1216](https://github.com/AcademySoftwareFoundation/openexr/pull/1216)
Corrected the check to enable SSE2 when building with Visual Studio.
* [1214](https://github.com/AcademySoftwareFoundation/openexr/pull/1214)
prevent overflow in allocation of RLE buufer
* [1213](https://github.com/AcademySoftwareFoundation/openexr/pull/1213)
add check for decompressed deepscanline datasize
* [1209](https://github.com/AcademySoftwareFoundation/openexr/pull/1209)
enforce xSampling/ySampling==1 in CompositeDeepScanLine
* [1208](https://github.com/AcademySoftwareFoundation/openexr/pull/1208)
Reduce memory consumption with very large deepscanline images
* [1206](https://github.com/AcademySoftwareFoundation/openexr/pull/1206)
Update INSTALL.md
* [1205](https://github.com/AcademySoftwareFoundation/openexr/pull/1205)
DeepScanlineInputFile now uses chunk size test from DeepTiledInputFile
* [1200](https://github.com/AcademySoftwareFoundation/openexr/pull/1200)
Corrected Deep Docs & Example Code
* [1199](https://github.com/AcademySoftwareFoundation/openexr/pull/1199)
Fix C++ DeepTile reading in Imf::CheckFile
* [1195](https://github.com/AcademySoftwareFoundation/openexr/pull/1195)
Fix bugs in ImfCheckFile.cpp:readDeepTile()
* [1193](https://github.com/AcademySoftwareFoundation/openexr/pull/1193)
mention multipart files in multiview doc
* [1191](https://github.com/AcademySoftwareFoundation/openexr/pull/1191)
Replace Doxygen/Sphinx targets with "docs"
* [1190](https://github.com/AcademySoftwareFoundation/openexr/pull/1190)
Add Compression section to "Reading and Writing Image Files" doc
* [1189](https://github.com/AcademySoftwareFoundation/openexr/pull/1189)
Fix typo in readthedocs url

diffstat:

 graphics/openexr/Makefile |   4 ++--
 graphics/openexr/PLIST    |  12 ++++++------
 graphics/openexr/distinfo |   8 ++++----
 3 files changed, 12 insertions(+), 12 deletions(-)

diffs (64 lines):

diff -r 72fb092550d2 -r 99cdf964cf99 graphics/openexr/Makefile
--- a/graphics/openexr/Makefile Wed Feb 02 14:45:27 2022 +0000
+++ b/graphics/openexr/Makefile Wed Feb 02 14:48:18 2022 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.44 2021/11/01 11:25:04 wiz Exp $
+# $NetBSD: Makefile,v 1.45 2022/02/02 14:48:18 wiz Exp $
 
-DISTNAME=      openexr-3.1.3
+DISTNAME=      openexr-3.1.4
 CATEGORIES=    graphics
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=openexr/}
 GITHUB_PROJECT=        openexr
diff -r 72fb092550d2 -r 99cdf964cf99 graphics/openexr/PLIST
--- a/graphics/openexr/PLIST    Wed Feb 02 14:45:27 2022 +0000
+++ b/graphics/openexr/PLIST    Wed Feb 02 14:48:18 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.18 2021/11/01 11:25:04 wiz Exp $
+@comment $NetBSD: PLIST,v 1.19 2022/02/02 14:48:18 wiz Exp $
 bin/exr2aces
 bin/exrenvmap
 bin/exrheader
@@ -153,23 +153,23 @@
 lib/cmake/OpenEXR/OpenEXRTargets.cmake
 lib/libIex-3_1.so
 lib/libIex-3_1.so.30
-lib/libIex-3_1.so.30.3.0
+lib/libIex-3_1.so.30.4.1
 lib/libIex.so
 lib/libIlmThread-3_1.so
 lib/libIlmThread-3_1.so.30
-lib/libIlmThread-3_1.so.30.3.0
+lib/libIlmThread-3_1.so.30.4.1
 lib/libIlmThread.so
 lib/libOpenEXR-3_1.so
 lib/libOpenEXR-3_1.so.30
-lib/libOpenEXR-3_1.so.30.3.0
+lib/libOpenEXR-3_1.so.30.4.1
 lib/libOpenEXR.so
 lib/libOpenEXRCore-3_1.so
 lib/libOpenEXRCore-3_1.so.30
-lib/libOpenEXRCore-3_1.so.30.3.0
+lib/libOpenEXRCore-3_1.so.30.4.1
 lib/libOpenEXRCore.so
 lib/libOpenEXRUtil-3_1.so
 lib/libOpenEXRUtil-3_1.so.30
-lib/libOpenEXRUtil-3_1.so.30.3.0
+lib/libOpenEXRUtil-3_1.so.30.4.1
 lib/libOpenEXRUtil.so
 lib/pkgconfig/OpenEXR.pc
 share/doc/OpenEXR/examples/drawImage.cpp
diff -r 72fb092550d2 -r 99cdf964cf99 graphics/openexr/distinfo
--- a/graphics/openexr/distinfo Wed Feb 02 14:45:27 2022 +0000
+++ b/graphics/openexr/distinfo Wed Feb 02 14:48:18 2022 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.43 2021/11/01 11:25:04 wiz Exp $
+$NetBSD: distinfo,v 1.44 2022/02/02 14:48:18 wiz Exp $
 
-BLAKE2s (openexr-3.1.3.tar.gz) = ca34f18ac76f7299c328ba99fb42517560bde63faa8bb3a09b258ab6a72dd2e1
-SHA512 (openexr-3.1.3.tar.gz) = 12a8f3660104e68ccea0856caf334d1fafbf0ee79115aae23cdce5b835299294ab8a23bafed282acfacd159ce9bc7f6ffc620b1e0df0d40f9ca0eb15a288964d
-Size (openexr-3.1.3.tar.gz) = 20322346 bytes
+BLAKE2s (openexr-3.1.4.tar.gz) = b25c9590a8d9c47207ad5390551c6c652ff82cd6aa23da5b35e76cb7fc3f6d0c
+SHA512 (openexr-3.1.4.tar.gz) = 612ab3467f9ccf2779e1592361cb07459571122e10c0a0b3020430cfa34fa3b91ca1d63cc12a5f85d5b53b277b3f7a88862e6477f0f3566a4196b8245f6bfe12
+Size (openexr-3.1.4.tar.gz) = 20323658 bytes
 SHA1 (patch-src_lib_OpenEXR_ImfSystemSpecific.h) = 87c234bc497cd1fe34d38dfcdaa943486f8971e5
Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ocaml-findlib to 1.9.3
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated graphics/openexr to 3.1.4
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ocaml-findlib to 1.9.3
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated graphics/openexr to 3.1.4
Indexes:
Home | Main Index | Thread Index | Old Index