From 4581e63e77132ef7ad2f92d311c64a39cdc6a43eb013660ba559fe116dcc5cd9 Mon Sep 17 00:00:00 2001 From: OBS User mrdocs Date: Sun, 21 Jan 2018 05:41:23 +0000 Subject: [PATCH 1/3] Accepting request 564464 from home:avindra This depends on https://build.opensuse.org/request/show/564463 - Update to 2.2.1 * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116 OBS-URL: https://build.opensuse.org/request/show/564464 OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=8 --- baselibs.conf | 4 ++-- openexr-2.2.0.tar.gz | 3 --- openexr-2.2.0.tar.gz.sig | Bin 287 -> 0 bytes openexr-2.2.1.tar.gz | 3 +++ openexr-2.2.1.tar.gz.sig | Bin 0 -> 566 bytes openexr.changes | 8 ++++++++ openexr.spec | 10 +++++----- 7 files changed, 18 insertions(+), 10 deletions(-) delete mode 100644 openexr-2.2.0.tar.gz delete mode 100644 openexr-2.2.0.tar.gz.sig create mode 100644 openexr-2.2.1.tar.gz create mode 100644 openexr-2.2.1.tar.gz.sig diff --git a/baselibs.conf b/baselibs.conf index 60d309e..fc2bb05 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1,3 +1,3 @@ -libIlmImf-2_2-22 -libIlmImfUtil-2_2-22 +libIlmImf-2_2-23 +libIlmImfUtil-2_2-23 obsoletes "OpenEXR- < " diff --git a/openexr-2.2.0.tar.gz b/openexr-2.2.0.tar.gz deleted file mode 100644 index 3a4898b..0000000 --- a/openexr-2.2.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:36a012f6c43213f840ce29a8b182700f6cf6b214bea0d5735594136b44914231 -size 14489661 diff --git a/openexr-2.2.0.tar.gz.sig b/openexr-2.2.0.tar.gz.sig deleted file mode 100644 index ab0705f6bbe3e416c5df9c6853e1762d05f8b6789b45a21c5a9fa9c3ccfd9def..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 287 zcmV+)0pR|L0UQJX0RjL91p-s%{~-Vh2@uY9RC}xtI*p2c2mfpvFO6ekvBXU@2OtO4 zq4teA!%LxlQ8F6ia}*8s-U-Z*MFl9Q_mWM}Z#t~Vqp8YeDLBmi!hr@5Gts3Fdudxt z(PJ`hq-KwU!0)KHcZQ-bOrfCJ25;=Hs!!QLgulCG+vw%=ytpu-;S3tE7|76&P+1~b#`tG@2>`2T#{s+OIPzk!@ngrmZywbVek9_&D1HpLIz6Nj9 z{+|thWG2D`#!)GJwwUH-&8ctUf7#ijQ@r`zEaVQc_T;@aH{REt=jL{z?~@kY6A2r2GQTBslLYM}~i( z$mNY_)ykz=jc(51X6JcPc0_I9SVx$)jv$=-V#Z($;ifeX>ViQ~Eo{KUM3?nSiHF&z z7J4t?o`==9Y*rLroSa@P8KYIvC>=WhpdOSHzjK1Bh8PO^nO`&O+jRaKKsf5g*G#!d z1Uo&H8HVho=~yLCEqsTH9-I_QeXwgCc~m0a>n^`z`t-yet!`hRc#gp1e{SCG5e50K z8simQ6Rl!MdZX$MFJ9@rd2D##^SXB0XqDXelux=h z3RXlU0WYmNuCEnP(h(E#f>+gk?lsw7_Y##XfH9MFH$G{X?j^j14?e#PUxX2OfNu>$ EDezSg(EtDd literal 0 HcmV?d00001 diff --git a/openexr.changes b/openexr.changes index 22a6eb3..cd69f8b 100644 --- a/openexr.changes +++ b/openexr.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Jan 15 05:19:19 UTC 2018 - avindra@opensuse.org + +- Update to 2.2.1 + * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, + CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, + CVE-2017-9115 and CVE-2017-9116 + ------------------------------------------------------------------- Wed Jul 12 09:22:22 UTC 2017 - tchvatal@suse.com diff --git a/openexr.spec b/openexr.spec index d07c62f..8e55439 100644 --- a/openexr.spec +++ b/openexr.spec @@ -1,7 +1,7 @@ # # spec file for package openexr # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,12 +16,12 @@ # -%global so_suffix -2_2-22 +%global so_suffix -2_2-23 # tests should run at least during local build # but do expect a HUGE number of memory, so beware %bcond_with tests Name: openexr -Version: 2.2.0 +Version: 2.2.1 Release: 0 Summary: Utilities for work with HDR images in OpenEXR format License: BSD-3-Clause @@ -128,8 +128,8 @@ if cmp COPYING LICENSE; then ln -sf COPYING LICENSE fi -# remove a non-linux file -rm README.win32 README.OSX +# remove non-linux file +rm README.OSX %build export PTHREAD_LIBS="-lpthread" From b2c36e133d5fe3352213c856483b237bfa39eba3480c61ac1e6180698a61e345 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Mon, 12 Feb 2018 11:10:45 +0000 Subject: [PATCH 2/3] - Update to 2.2.1 [bsc#1040109], [bsc#1040107], [bsc#1040112], [bsc#1040113], [bsc#1040114], [bsc#1040115], [bsc#1040116] OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=9 --- openexr.changes | 3 ++- openexr.keyring | Bin 3262 -> 14855 bytes openexr.spec | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/openexr.changes b/openexr.changes index cd69f8b..1bf20e9 100644 --- a/openexr.changes +++ b/openexr.changes @@ -1,7 +1,8 @@ ------------------------------------------------------------------- Mon Jan 15 05:19:19 UTC 2018 - avindra@opensuse.org -- Update to 2.2.1 +- Update to 2.2.1 [bsc#1040109], [bsc#1040107], [bsc#1040112], + [bsc#1040113], [bsc#1040114], [bsc#1040115], [bsc#1040116] * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116 diff --git a/openexr.keyring b/openexr.keyring index 483fa04db9c00e5e8dbcbdff4dc0774df49619c7601225eabb13769421297e9d..bcaacfe97ad789fe706d109e370349fa52012b46d8c3d22bdeb259f363574374 100644 GIT binary patch literal 14855 zcmd_RNsshQk~DTNp#DQ2B_w9JWs*z*bKt)3OOm{C-*+;({CdUHJu_&15~R7ltpo}v zpc1SIr-!?lxy8Tz8~D(iAnAWI1@mvFN2?O^H-!uTMym#+{Q2v@{r>p*vex79fBa1t zc2oG<7x{Pe-=BZ`-vr%*)Oy&@|NZypZ@)jiCDb&h<}fMQG{xHKRecRqraK|G9`&n5 zBdIrNxMfSK;@z*zD(+J!XIIc(q;BB$?+=ToXrqlWdf8TJiRvIXL{e49(4Z@89TF=MoQS zO%KX|q;^xzz+SJnhVJC|V9Kr;px>V$I*vV~MJIoL?aC1IHHb!o<0vhZE_A=3^OpOt z(a6^n$Zzj1^XY`{aLQj*=hYvKK7v>gXc(Qq*m*A60LpzaUhE-5hQpr z_RvmW?h40y{j+LJh4C+MvEuJf1RtW;Zo2TsPp2SQwtQ*F*V9^5Dg@PPGiYh(92=4@ zSJkwBr;CTBGzuT?qi@JO|NU{pFG@jgb|%8&W>+nYHe%)Gtxivs<_W%WAz2xbo!s2& zy{ex(7wuC%P=_dku3o6$AN1vfLCjqdnLFWQ&}zlB zZSjnT)648~?kvABweI()a8F~~nKH*-16JeuguD`OUu|D*3QBNGWMW>mYKpk3YKjaQ z6Jcd`e}2=xtCE^le}BSHx92rQ#wb4}!$ifOb5nc$o4B|Xl$Og`5+#-%V{L?clu|++ zp~_gLNF5T(TN3;GL!BW*SyB#uf|8;X#%40{8JmskKK7|FDH$$yMRO>VdC5;T;2c%0 zjL4sv^f^#W@%xk6@G_KqPN2MKTWK85YajLEf*<*dDq-%=|Gp|pqRj5@HE59k zk!9G?bi@tTU=mvi<=^DXOfT$eR6ezDN>rz8jw&?G4{LfG8E@~jwCR_#7Chu<5tJ9p zn7;6R`Te;=fe~kv{U~47tWEVOL@KskL0^9K>vU`6o0`I=XM;<0wLD;}Bu(hhJ)E+x zEUg3?MO~{xoifXdVH6a%1KV`Sq0jC0E+tDAx9@x>cK7*o#M+vKlreF7V*LBib|KNw zF8%$n{Dy$vVH{sB6_?-Pne4>yMTym&^9QQ(eX+UZ5$KDQ*Sw~)LEyN4zOq=jCezC? ze}78zLCSiDE%8Sb_XKadTU}=Qd^Ml$d6h5yxqWJ5oXPeOG+sfV*H`FY=4c=r!zwAr zN$T)K2u@xOdBr?;N~5+F(rt<(oQ+d<=8h+Cu>=v`oIfi(d?7SJRF+rrSf(feHU0kR zkZb4;dsw^w!o@Pu3@^~LB|pM}U8{2$^D&m|OS)PjCYh0Zap&^w@BI7Vg+VT{-=EyK zw)ezr+t)2_=^_S}6QFqPQ=;&P!?v}lB_@t<>4Qm})WBA4tvSJ#B&C>}2>Jg0TxhLC zdgq+VD-e_Kq`1YQpQ*zZPopBo`}Mq91d`_^Cn?gCr+CWY&srQ8tfkYCUcWyNyP<8Y zOfkQ%B<^vW4EO0XjSVQc!s?AY!^SZZzeIw5C8QpAUh?d9RO#NhFIivw_Xks7#b{51 z>y6(W)=hTVrp1dg3o|6gvcf+ni?RN3vMzA4*#G71{Qm5nK~nOY85|DXx#;P-ID$ud ze=YEttTK{=iduEb-CK4T@2LTAi^6{r%ou9Sdujji`|}^JoA|#!fA2Az&i=nOpx>W= zeC_|EQ~m8<^z(o3!05lj|Bj;n+=Bl_w+^-iz{UTMKYwtQq|^N9)HUg;~>os2agB8xda`1kCy63QpGW{^uB|BX&^1oJ4 zJzfRdWskS%Dtu=boAQ(be+HfD$>7FJBf~8>m=1}|B>lB_e|z;N%*b|nGj)FiUiT2! zL(9ACZ7s^#4?jBFRvhB<`rcF5h1+NCupvY&Aw-aPHvihYm-o@17NIg*xb4LQ;OLc{WEPdT zCj#KLH>MAKrA*JnuMsBM!55!f`7nE|a`j1p5mrtN)8*T`{L2SGo;4%Re60Z}irECY z*OV>5$(N_10`3gd&F6iG=%H-*)j*DMizah}wB-kSkp#+VfB68kMl{bKr-$h_P^6-M zgg5)b7Txicv^k1bw!Hi0qev~c2F6~&m;E3Lx_NX#^ZQ8EfdQ=E5{e7^iwEHE%m4j(Zk30@MtKz!F}+KGLX`Af6T|eB2=E@F@68-rMn5bU=suKW{ZWSgp#lACM4_ZS=2HcuQ+ofY zcX>Wjwi0uAAF9-7>hElwjyYH=C4rs#-Q!s3-6@_d6BpY5Yeb<6h$kwTM$jmoQqim+ zTJx(MiA)z|+v+c>n))yz(N+BN`ItE}k++Z?TibVdS4@xoYeeC^63d(|PrjI2er->I z_5m_l^oRnG;1&DWkx!2YZyX|J%biBf(QXigl6jv5)4)J_*|0?+~?YgRCtz|GT zCsmo54s)uvmhl0Pii?}pTbtgH5x5Yo>relvnq|=!d|Rb=f}%RA{%geHPePo$ATwt9 zX&;iUA|I#$GXl9PmQYD)--;z#-IJmQh`nm3JJO_&SS86HZ89Yk~YN9I$4_E(7OG*D7 zhCjc6sg^V1X#a%93u#+BPBLztgSn^j(FRk(cH4~EGViiE4NcG1>btv0ZzDPu(T<+6 z>c2>p_p`O0mC-)lGd3Y4MdA$g6S+3Ia9-B(P z?E4D_I$djT{G)Z0v!K+A{e&_~N%_j9o6 z{`-?uS=B&KFeg4^I~YCk)=l!Nzt9kVvaN$A=oX;hOz9;!Fs5pE{4ilCjvZDh+36Mj z{>+eCAR9T|C24U;f%c?pSenzR3Hh}?kcq_(wUo0-`3&~-5Phc69d@n6Pp9V?2o4zV zp~ahp;!D|w`;A+afD?_~WO^A0wi}4-1RHU~f6T@d-3M*g^TNh(A<~I4O&F?xI5>qJ zDx{VbgWe~_a)gVzLDSYS1oXb7NtT*`Bx9OA3rTI4(=>1khfjh2+7aEmIP?3{-YFxp zyZBMTYm1@gRnb;jT9dxaaWzdB^k|~!3A2=d^%iw`)k)e{+t8B3TH}#Ez~Fl?*R%9f zUa3CEhb>MaSeAJ&XAkl1ZbWi74NAJZvj?*s3%N8)+p1N2D&yBp?H~gdf`^<9(E1wM z(vDddmT1R~%3Ad$8*93G0Rw-6tYF+qdeh;O5H@s=5=WCm3@O@_KfCCA^%3-~UpX1R z53DPtO=y1|-WjWY>%J-_%@)9k!ax}h0i84CdY(+8h1kPinDhMoF;?4hKOU-ou!kpO zoC&W7Tm|0qJ0CQrGkwZ7uqC;@#|jT5l1+6P{klXU8%?9cCx3tH91g#52Rj6QB8Wp# z52p|zG=2OzX?o9V}QVTFU5#x3$ju- zuOHY#qL;X+ZBcWS_;sH6o;?{u{l2{pI%FV~UO-lhtY%7~D_QOJlbs){xj z!W8kcubya4<4W^dDiqQCkxxP$hueIHJR_v~{n0e@+L2oAHngRhD5(iYuFjlDLcbbm z2NxZVFM`AEF|}~JYoRtZX>8OH8Ee8j2L1i01XIq((MXurT2Vd+ToGH!) z<#sfb9@(irR>9s%RXANW_-ePdWTan$H3%Qi0<@nc4=X*$_Id{LlgjEy56-z1*oz`Q zDZ8?Vuq(zCHwxzp@#+QH%n4W3GYj^6$S3t7^A}^6nB|Pva z9ny7yFIkn+EmYL-i;6K0_-{}VSW1MA>0{Fbs9}-H2eA}273JZK;RJ!e=ayykU}N*x zx97cb694^B(JT0n*L82}CoF&ofo3R{-`}Ls3M$r?7+SVdB_UkhUo0$9Z=Lt+)4~}< z$4gUW&LipgKA$zor%0cW0$_v~UjhQDG$SF~XMUvXx(rxe_+2GdWd6YlQV)(;Z`=5J z(yWh}5D>&%dW8+CT(B5eDX_6YPhICm8JR9xdtMM7hpf@43Olb*J`RP8a{|svUY&Bh zaDG-xT1Xc73hGo-AYkt?icirOOcs^In0(33@6A5jN=?Mx5iq4(Yd%$6xMP~>DRKCs zwW?*;kY1hSA2l50WM1`usyMJ=cvT^cVS%|8Lx0FEI+;rnBZnv2+%w%!QHpfg+V;GJ zm~8Y9lR$3_jPIY5V`c{zazsV7a(9RMvn`tYTo^hNz9g>8-lOl4;~Cuoy3mx8@VN+% z9q@F#T1}^ae-0_R*0u$c6_WlwHv2f*YMxr}!wNhZhXzHUSTOj_Lek7sJRAIcN(7wE zWc`+>%m*12uD-D#{HumcxYUHae6=hVQBl{ZkeK3C=wr=Aj0J`A9sl}(JTgv-$GLOk zO8wOXBZL%ri4;hmVggyJm)r-X6F+LXYIUE!&#aAD(5S|G(go#GQ?`$kbwR0$*0(0R zCJO8vdRL+fx*8U)T(`J=qyk$wAQB?@k2+h{IaR zWqHZ00ih395NDp*mRkX~mW!rWrVmzN#kg8O)YnVI+VI{wIo$P-Ou{U9R-j)@>CWB` zmfij5<1@7za}oC8ZQaen!Tt?Y#g676Luel6?%Rs zWUYs@Y(In^*d`h=XE4`@r6OmzX=V%Zp$IFs<%f*Hy>SJS>z3v^elYUIZ>VF4@aMHg zqBA_-+Ln&4>u0Z#)Ol$9;NhOtIk0;*(axN2Hy8Qa@RAtunGRRsq}XY{=AQJ|5GQZ8 zXa#0lyd_d@io94A9A-W8w=*uF`_JUCblA*nI^}%X_bbI)Qxa+c55-|joJms_yF9LN z&fHKCGSMdskXotr!M2dIGa1-LS|Nm^JWa$$COJ)WKKSc(2>`Zop0%frpME}5HbTmn zUS=pQpXnASeC)GPza6XZe}7>4ozZzr3Z-0lG*<9IELe<6oa&9YBtXH?*t&{<%IO}4 z+UHDP7drLveZAW-u;lXhN4W^LlLCTi1p&CKbQ<3A{BoYEPB3r8~^6vS^l5_2J-X<=otfzXU>JkW-!>&*Gg zI3Oc)@((PQ4an+u`e;{9jJl#M`NV)C^083JhS+c9eI3_B5_;g{d)ugbKaGqk$Q!c@ zZRdeeg8>Wz;A$9CJeQyQH$O=}yx&+WqacDX4o#21^pj5~L=Jd3X$@VW$M9g2o{MB% z_@;MmetDqUe<|h}0S^~!9&EXc@vQ6N{*m}_ua~WkST5}}nnAJKYUPAxKIw6M0$%7v zUgcuh1v$yRz(9z))1B$q;~l?G)xd-^AWh5ZbCFG{EP!rJ_hQU~x}du48JID9nP(o| zqXCSKGIVM^74M2)nMM(04j%lD;mmvBrY2U{M4;luxvx2jw0K1#*%LABQw_ z&)ZI1ZR7d?@1qjbajRL&bV@!o9w483xA`%;wt0BF#N)k_*!X&Dk5M{+k#fUxb2#Vr z37El4V=k1%Vc+Z%PEp;a41v*pMycNcRAUOP(-frk)PMXj=>^P7`k$Hfe*V(|eoEk!00%h3?BDux26XAN z%l$afo1sm5Xj1K~u`k-oU^zluvSF+5i?`9`1E|x3cNfm<9Lg5DaCfe_Vsp&J9V z?`0g^y>9?zuny#TX!=`jP*`NMJ-sVBTFe`OZMy922e3ej8Q<)pI7qS7jnkg(k1M6P zqks+)QIq`(i8*+LL)RpREvw6^z^}L-3jh^Lr?O#<9Ft)R*u8#4U3u`>5xuD=rp0Y`L@R3OKzdwkR3BUoqyLI*o0*D|{dxp^WHwBC@ZnTCZ-)pON zuF=v~=sglka$rdjzn-`Yl8=LT&d}=9(#Uj&Ps{z7KQe&nzRsOg+-xQ!mF^$ zyP*sm82 z&u1blixqi7_sv8J5C9rPG86bc#HQE(b+%WPG_BcGNtLuEYmSK)RJAsAxylTcvQ%mL zR9Uh#9RgrO9ULQ;9K$~;3e3o?)ro>sak3kojlg13hM)*U_2Bev7Sl)8srmVQ-Ih#L zFx4LkXoW4iPgW4fuD7hSn)An_Gg>5rc8k+#;6jFC&I0!x7zI-@yAu&Cm$p~u=Dw#G z=_G)Lo+jhDI9fBu&#+iN8TM{DJ>SpWpNQ=GpdEj3eKZ!!s z<_pB3wFiff8Ggh?u(YIB7|o--E4i_4Zmu1;t|!wh2QF){H7STL`YK92dl~ysnd^9i zyA^thCCbBxO)Wp)0Wb(sENz)kIxOPid*2pjt%kKs7Y~Zr+){NjYP-cCb~OnIT4o@v zs3Ch=6J@4Gd0yb21feQZBo}=j1s{T_9Y$qeZt~?(QZj=FuKUgV+dht$=v68mfRiP6 z{xjO<8+7aTF5U|lO+&VxW*|+&Oa=zD>;*~P&sSBK4qfohVXX4ybp|+W2>AtqKmx9+ z{IfsV<(l{S-;x1y%3XF$GG@lp*#dX+LKb8{r|OOpqZU2IKe9%@W7qW6K~K#MZ-S}t zdJ17OWqJVk^Ki|%qH|gJr}V|!oBJO+kN=+?y2$@>N#>826XXnU+RX?WHpQSR67H{q zQxuok>ud`On`V!$<4)ykKUs$9?EALQPV7eok5>nPWC;vC@!gd8cOP8M$m?4=?I~dS z*O)6;6rJY^;Z`u2?{bavJaMk%FdiFHE#D|lDnK3|)H~X>IjsrQI(=0M{Nc9wxPeoP z<@Anxb29RLOHdj>Ddv(4rW=9wp+0f7KS#3x@bW?4Quh6L4`GTjaB<@6+z*`CUjaQ* zq}aK1dZC2J+hL#tI>^qAq_0tOwy9>G&=P_+S}@7ilKfFQ&FJQz8D;C7f?evnfy)Dv z*Bmv=j1X?SIuv#(Uy+x?k?G*?tytp&0=saAl-bTwxdKQt?}f&m@VH}3?cV`Hw{Z@A zR-d9dFbfx81@>DB5YS}Es@$PQ7o$6nOMnk~HBAGeHzjpjnu0%upBEMe-9O(nktw(2 zI8a3>M&haN@9&Ng4ov_R@@OUc&=|V%B&uu`=CJ-Tf3Kc2Rpnp|Kgyi;LVa;xId;}5 z`vCgaNKK4^5!2&Og#=e-Fg*!vpTuwk2(@d2JkiTsZtZyh1Cw7{Y8@^S+1Q-`pp6L? z$jlwD<$NFXQw90#MdKtw?XiC3#@X{vFR$)7Dij#=ss4PlhyVTRm#{hDhQN{4yXPYZ ztvr<`yYx>uU7)sjDN3g6#?GYP3@G0i{En*j>+XRr@g{_~^muVoj>0PTY#|m9>q{RR z{vI&cK>DyuQ1zoAm&9&fM?E z9ovL}_F{5DFbB_xHBRcob@u*{96bwxuFoUM!Hz z)J;GdvOB*8F3RG7GXfQLrh|5gf(>8sZX9Jw*3@LVrQR6ARF&j9DdP<>Ah8jtg{&s& zK&AsTMs>pX^6-b0%_+uh4s}kp4{+;Y2wv)J1wAmKQ+w<1RMp)UJ4fHfBhbM0x9XNb zKH&Ffl?-6?Ty$AW7anSXQZ}4s{286r(!Ws05|itREgCcZehSb7l86mT?w)O$U;}q# zpp-$b4!t+$q3Cq*dGOT!NII+yNNWp)6`(@LdVU&=$Af`CNvpHeRUUs5hO7eLJYNBsXw z%w>(Nvk9O?;Z2^e;3x@zYpy2LEVzjGtobrofVzNHg?ttdum+A9wNJzHNH~Uh%Vd)t z=VqjT&~9{K^Ih9YuhjzqAvod7&nLlh{n5ohupp2=BX%JC_A+$5;6{jeSgERP59_!w zQXb)_;oEPC@PQ;I=jjp$KB}%cRiRGa4!9swiP+P*4tKflZl5K#OzSF9a>^8SogItb-Cm3 z{YXRlJ4aKpJZLhb5u7@#%6l?=nB}~SAq69teAiF1wpcS3cllA(x=+Ot5Y%lGVj4IU zS-KO`wwVv_PHxDfnlJC^PV!)-&HQP`L|1si%emUHetYq@JtZnCUL@J1;LuW9Wh|iK z3b&Ib^B6&N0KmT%^3%`#L>7!8itu#@vqJ5+P~8wp1fD_@9`YBQUa4#OqeO|w%SlP( z$SPAGYv%_#9{C^`C!VvW=JNK)nX#9T!!i}Mc;AI-=xSK@)MENm0Q}T>aO=KA=NX*Y z9m(}^2*s*dwXhOLJNc?!H&|Px-<6bPcPYIh%!p++zal`r#Cw@0h8EgqoGB~8gY{Vu ze}Q06WC-wZI{z7Sk@JBNbEMU0t>I75X0a3HHnx#IJEdLuF_e^OLRq0zddA338s)a; zeYc%EbX`6ecmHTW?>f<}FPm-c0!ZKsKa1p4sY$~{BgYVLn5nb7uZsuTB@m|Oe>w*T z{WGikI66x@`}tf=L_^tFz<@9n`1el1JP@k0pk>*+XXwt-P(#2F4lo3A4h#bGgTS13 z0ot?7%o$Q8%5dF#9W(&W{jY({x+P6wtZVd1Phyjz=AZ~1z(0}Z{KmO=sG(Coo6R_g zqwl@S7QNW+-r=guLIZGq;b?`<#$$1Hfp>IxY6Wamr7MyCNHvMyXr72oUpc z7`=F;fu)N06;mqW>}fJ=S?9&2gGra)lSlb3R;y?S*k3Vq|OQTKcqy~@*~e^zgG5@8${(qgms ze${Mn4U^9(GbdYnmW^;)WyL(^na)R-vJ{=06gYEI3i1Q)HnTRicHyb z#^F`TE6)Kup2vQ^g&1*rq9K1_^L?t`ahdsB?5UKR3u8T}QjP|R_^CQ+WV<~)l0?sB z!j<@h8392K)z|c8hl)d4T*Favn;A@%3aLZf?}d#VL8QXGV_z=+;wyx=-9!qd@3C<0 z6mcN)RqCbfU zbxgTdc9qQubz-b7Y|(ogmH7`2O9!H4gd%(j;8^rabsG7J7%(ziv_mhiR8=LltNF4) z9S1Prrblg}tIxCW9Cgym$f(!zjXujsfU7|`^k{|Z>#DCsio{@NV56cxUqd&dB7LA( zKjk}wqE+1_Kvt!9EQow|qb7;03$^RVAYO}Me0Rr}zxPbOSsv{xRM2hV%n^I_K0D90 zM8<6((|LpHQ_y%PUt6_7ePMW7S58@sD}xB@GA&AA8M|XV?(o!%BWmwo(P{=wOZdnb zw*^T|rQI!)4HmP!MF71t`LH#ye&F*9vIuUtvVjlj?HB0b=nKYb4?X`~bo3$i||-qNJ6JS_og3i5|8IiFom2T!sWk{u}3b}yf^LuvZB zryrYCwj@+2kMkctpn`FR-VpT{Roowzhiz+q4F4Q0FcIawJ_7!!tMS5wQTc0FshfE`T_&)f#< zfo+l&Z$+rg53X+QFy48~5}0AVn&3I?7{rD_a6vq(Kk=P%qr*fv;Y(7RZlZa4iKmm{?d8QVQ-khWSuiKss%boLK#L#HM5yMF#b%d`W)X%-18v>?Ou zuQsk_xej$o`}TxH0{D27dMwn^bCvPk>=1|Rfl64jX%_ah-%Ur;?ty54rXX|4RS>PH zRBh6Gi)d!89;<78)uT&NagTWSw9jkj$F+I(;e@&r)>j5OXL5&Bs1&9|Tl-)ZV*KK8 zs{tOw8r2$N`jW?Lfi8Sobt5FceI~pm;*iOzWvDQv^I^Zqkge6;HS^NZJ_z$n)V^lO z$~#2Bow<1gcy26L+TolhPYeF=^)Y$y_P6XqPpe=_ROh9WjrLX>ZeTmyl#1N+Rm0dZ zFjqmXw)s^c{(embtmUMMCkno${=i+FZH8>e2V%P>9+mR_3amHKJJNY6^m#p!mzJ?b z*+shnz2EkI>WdfC(Tz}WGZ*daJ7k1P_aa85J>r9f{I@g6;$L1I01F5JHHcqF!*m>d zLmk6mB8L7hzSk{HU>ay24_{H3nv46Ni~sjN38VyN1A&1HRN&tk{zv>X95mpwv~eY7!WTt#TqCRYTm?UU)MICo1DIGuef1Gcs%%R#XG%DR;jmj%UqZ) zDS2jB&V_rm5OMJBiJo$ufIoHIj&Z)Izz?bCPR=)0bMgw3Utj0!riyF6a{Ng z9!1^LwZ^vo&{|r|9L6d+FhpBnha|yR$B-8NAa&Vyx*>en?Z9w>xS!t2n%nfY^Dt|B zJt7KIEFDxbf0t>u@gRlEGye8M$M{>hfNsUZZQTuuLdPWdZZGj%fYqH{@g@2N=Ve5?mH{Sgo?YiwXl2<~PnY$mj!rBXY6J4*1 z>(!2&4${m$PK0PZ64g7J7J;bspdK=Xj*B=7$`zhP&02HJY!e|;_Z+DbQYx$Q-Bxo9 zOJD;vx~g{bkD3QlPZ$^lPUbvxvGnYh8ot(WHtlcaN{zK8$e3-&6JSePIrS*%q5c!i zgUl#H4^P$%h~J6Pak)HomTO%87bInCaC7nfu)_)_QvKJf#v$AK#>>fa9FvDel0RBQ zGwv`q#u6s|GPNF*&Rw*5I{P)tp~A82MoE!b_QJy@nj2iPz_tdtiv(UOq}^^^HbBvN zUgdLQkUC##@m%A@ul_&WC4mH>T&F0VI{i0Ff1Lh@m{kG|5RaX`ggD&z98*DmV#sLH z%cT;vOnJyGMsF?EKatE8pe-{}fm@xf zq3t<&xb0OPBHETVp3~O}UaH(3at^zdKS{i`3l1}KSSy^!QPbsy|3ax9-H$%hRb$Be zN{UVi>p;AD@A5CbpXC;}n5%9%uUWr@2vf`RKiZa7TD0kNVxi~jSii)jE(C%2uxn^N zCYk*8<%=D1zqRdTIn0${Fk+9eciTi=Q1B}B3%|(5zM$V0B2&OtWqq(ZSz8+!Q&}+$ mJ1&!S@O(B{TGmcEv)QOiUH*Q>G>SGbRAhyz_Q-4t@c%b?MDh#( diff --git a/openexr.spec b/openexr.spec index 8e55439..398ea05 100644 --- a/openexr.spec +++ b/openexr.spec @@ -36,7 +36,7 @@ BuildRequires: fltk-devel BuildRequires: freeglut-devel BuildRequires: gcc-c++ BuildRequires: pkgconfig -BuildRequires: pkgconfig(IlmBase) = %{version} +BuildRequires: pkgconfig(IlmBase) >= 2.2.0 BuildRequires: pkgconfig(zlib) Obsoletes: OpenEXR <= 1.6.1 Provides: OpenEXR = %{version} From b60a9264d267dfe4bccec425271601886b07a0349476b5cb0ba7f811529a0ba6 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Mon, 12 Feb 2018 15:15:10 +0000 Subject: [PATCH 3/3] - Update to 2.2.1 - pgajdos@suse.com: but really seem to fix only: CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for the rest of issues see [bsc#1040109], [bsc#1040112], [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305] OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=10 --- openexr.changes | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/openexr.changes b/openexr.changes index 1bf20e9..13ec75c 100644 --- a/openexr.changes +++ b/openexr.changes @@ -1,11 +1,15 @@ ------------------------------------------------------------------- Mon Jan 15 05:19:19 UTC 2018 - avindra@opensuse.org -- Update to 2.2.1 [bsc#1040109], [bsc#1040107], [bsc#1040112], - [bsc#1040113], [bsc#1040114], [bsc#1040115], [bsc#1040116] +- Update to 2.2.1 * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116 +- pgajdos@suse.com: but really seem to fix only: + CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], + CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for + the rest of issues see [bsc#1040109], [bsc#1040112], + [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305] ------------------------------------------------------------------- Wed Jul 12 09:22:22 UTC 2017 - tchvatal@suse.com