anag_factory
5f7e1ff692
- version update to 3.4.12
* Fix several minor memory leaks recovering from reading invalid
files.
* The compressor API incorrectly identfied `HTJ2K` and `HTJ2K256` as
lossy; they are lossles.
* Fix CMake AVX feature detection that caused DWA SIMD code to fail on
certain architectures.
* The `WidenFilename` utility function is marked as deprecated, to be
removed in a future release.
* `exrmetrics` now print the on-disk size of the data portion of each
part. Useful for determining compression impact on part data
* Reject files where the dataWindows does not match the
pixel array dimensions.
* Support NumPy float vector attributes
* Reading now skips over invalid parts, returns the valid parts only.
* Doc strings have proper indentation
* [CVE-2026-45696](https://www.cve.org/CVERecord?id=CVE-2026-45696)
OpenEXR `ht_undo_impl` heap-buffer-overflow READ via
codestream/channel width mismatch in HTJ2K decode
* [CVE-2026-44663](https://www.cve.org/CVERecord?id=CVE-2026-44663)
Integer overflow in HTJ2K decoder ( `ht_undo_impl` ) leading to
heap-buffer-overflow
* [OSS-Fuzz 512895184](https://issues.oss-fuzz.com/issues/512895184)
* [OSS-Fuzz 512314697](https://issues.oss-fuzz.com/issues/512314697)
* [OSS-Fuzz 508362159](https://issues.oss-fuzz.com/issues/508362159)
* [OSS-Fuzz 507413960](https://issues.oss-fuzz.com/issues/507413960)
OBS-URL: https://build.opensuse.org/request/show/1357249
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openexr?expand=0&rev=79