diff --git a/baselibs.conf b/baselibs.conf index fc2bb05..8e2a8a5 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1,3 +1,3 @@ -libIlmImf-2_2-23 -libIlmImfUtil-2_2-23 +libIlmImf-2_3-24 +libIlmImfUtil-2_3-24 obsoletes "OpenEXR- < " diff --git a/openexr-2.2.1.tar.gz b/openexr-2.2.1.tar.gz deleted file mode 100644 index 0e06d34..0000000 --- a/openexr-2.2.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8f9a5af6131583404261931d9a5c83de0a425cb4b8b25ddab2b169fbf113aecd -size 18176639 diff --git a/openexr-2.2.1.tar.gz.sig b/openexr-2.2.1.tar.gz.sig deleted file mode 100644 index 9ffdf6b..0000000 Binary files a/openexr-2.2.1.tar.gz.sig and /dev/null differ diff --git a/openexr-2.3.0.tar.gz b/openexr-2.3.0.tar.gz new file mode 100644 index 0000000..d6935fc --- /dev/null +++ b/openexr-2.3.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fd6cb3a87f8c1a233be17b94c74799e6241d50fc5efd4df75c7a4b9cf4e25ea6 +size 18412067 diff --git a/openexr-2.3.0.tar.gz.sig b/openexr-2.3.0.tar.gz.sig new file mode 100644 index 0000000..86c6eac Binary files /dev/null and b/openexr-2.3.0.tar.gz.sig differ diff --git a/openexr-CVE-2018-18444.patch b/openexr-CVE-2018-18444.patch new file mode 100644 index 0000000..2c10172 --- /dev/null +++ b/openexr-CVE-2018-18444.patch @@ -0,0 +1,13 @@ +Index: openexr-2.3.0/exrmultiview/Image.h +=================================================================== +--- openexr-2.3.0.orig/exrmultiview/Image.h 2018-08-10 03:35:00.000000000 +0200 ++++ openexr-2.3.0/exrmultiview/Image.h 2018-11-07 09:07:48.072431858 +0100 +@@ -227,7 +227,7 @@ template + void + TypedImageChannel::black () + { +- memset(&_pixels[0][0],0,image().width()/_xSampling*image().height()/_ySampling*sizeof(T)); ++ memset(&_pixels[0][0],0,image().width()/_xSampling*(image().height()/_ySampling)*sizeof(T)); + } + + diff --git a/openexr.changes b/openexr.changes index 13ec75c..e90ad0d 100644 --- a/openexr.changes +++ b/openexr.changes @@ -1,14 +1,54 @@ +------------------------------------------------------------------- +Wed Nov 7 11:07:19 UTC 2018 - Jan Engelhardt + +- Codify new ilmbase requirements. + +------------------------------------------------------------------- +Wed Nov 7 09:42:59 UTC 2018 - Petr Gajdos + +- security update + * CVE-2018-18444 [bsc#1113455] + + openexr-CVE-2018-18444.patch + +------------------------------------------------------------------- +Tue Nov 6 09:35:55 UTC 2018 - Petr Gajdos + +- asan_build: build ASAN included +- debug_build: build more suitable for debugging + +------------------------------------------------------------------- +Mon Nov 5 13:22:33 UTC 2018 - Jan Engelhardt + +- Remove useless --with-pic. +- Adjust RPM groups and repair sentence structure. + +------------------------------------------------------------------- +Mon Nov 5 11:19:12 UTC 2018 - Petr Gajdos + +- updated to 2.3.0 + * ThreadPool overhead improvements, enable custom thread pool + to be registered via ThreadPoolProvider class + * Fixes to enable custom namespaces for Iex, Imf + * Improve read performance for deep/zipped data, and + SIMD-accelerated uncompress support + * Added rawPixelDataToBuffer() function for access to + compressed scanlines + * Iex::BaseExc no longer derived from std::string. + * Imath throw() specifiers removed + * Initial Support for Python 3 + * removed patch + ------------------------------------------------------------------- Mon Jan 15 05:19:19 UTC 2018 - avindra@opensuse.org -- Update to 2.2.1 +- Update to 2.2.1 * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115 and CVE-2017-9116 - pgajdos@suse.com: but really seem to fix only: CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114], CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for - the rest of issues see [bsc#1040109], [bsc#1040112], + the rest of issues see [bsc#1040109], [bsc#1040112], [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305] ------------------------------------------------------------------- @@ -48,7 +88,7 @@ Thu Apr 24 09:54:12 UTC 2014 - dmueller@suse.com Thu Nov 28 10:22:05 UTC 2013 - toganm@opensuse.org - add openexr-2.1.0-headers.patch to install - ImfDeepImageStateAttribute.h header too + ImfDeepImageStateAttribute.h header too ------------------------------------------------------------------- Wed Nov 27 09:17:45 UTC 2013 - mvyskocil@suse.com @@ -58,7 +98,7 @@ Wed Nov 27 09:17:45 UTC 2013 - mvyskocil@suse.com data, optimisations for some of the python bindings to Imath, improvements to the cmake build environment as well as additional documentation describing deep data in more detail. -- make tests conditional, enable fuzz test and huge test +- make tests conditional, enable fuzz test and huge test ------------------------------------------------------------------- Mon Jul 15 11:00:04 UTC 2013 - mvyskocil@suse.com @@ -81,14 +121,14 @@ Fri Apr 12 13:43:33 UTC 2013 - mvyskocil@suse.com - update to 2.0.0 * Deep Data support - Pixels can now store a variable-length list of samples. The main rationale behind deep images is to enable the storage of multiple - values at different depths for each pixel. OpenEXR 2.0 supports both - hard-surface and volumetric representations for Deep Compositing workflows. + values at different depths for each pixel. OpenEXR 2.0 supports both + hard-surface and volumetric representations for Deep Compositing workflows. * Multi-part Image Files - With OpenEXR 2.0, files can now contain a number of separate, but related, data parts in one file. Access to any part is independent of the others, pixels from parts that are not required in the current operation don't need to be accessed, resulting in quicker read - times when accessing only a subset of channels. The multipart interface - also incorporates support for Stereo images where views are stored in + times when accessing only a subset of channels. The multipart interface + also incorporates support for Stereo images where views are stored in separate parts. This makes stereo OpenEXR 2.0 files significantly faster to work with than the previous multiview support in OpenEXR. * Optimized pixel reading - decoding RGB(A) scanline images has been @@ -96,7 +136,7 @@ Fri Apr 12 13:43:33 UTC 2013 - mvyskocil@suse.com both old and new format images, including multipart and multiview files. * Namespacing - The library introduces versioned namespaces to avoid conflicts between packages compiled with different versions of the library. -- obsoleted +- obsoleted openexr-suse-docdir.patch (moved in install phase) openexr-disable-tests.patch @@ -109,12 +149,12 @@ Thu Sep 27 14:51:27 UTC 2012 - cfarrell@suse.com ------------------------------------------------------------------- Thu Sep 27 09:20:21 UTC 2012 - idonmez@suse.com -- Update baselibs.conf +- Update baselibs.conf ------------------------------------------------------------------- Thu Aug 2 12:46:25 UTC 2012 - mvyskocil@suse.cz -- Update to 1.7.1 +- Update to 1.7.1 * Updated the .so verison to 7. * obsoletes openexr-includes.patch - require new ilmbase-devel for build @@ -125,7 +165,7 @@ Thu Aug 2 12:46:25 UTC 2012 - mvyskocil@suse.cz Tue Apr 24 13:26:54 UTC 2012 - mvyskocil@suse.cz - disable the test at all, as running them in OBS seems not to be - reliable + reliable ------------------------------------------------------------------- Sun Jan 29 17:50:27 UTC 2012 - jengelh@medozas.de @@ -178,7 +218,7 @@ Tue Aug 4 07:09:30 UTC 2009 - mvyskocil@suse.cz ------------------------------------------------------------------- Mon Mar 2 05:41:46 CET 2009 - crrodriguez@suse.de -- save 6.7MB by removing static libraries and "la" files +- save 6.7MB by removing static libraries and "la" files ------------------------------------------------------------------- Wed Dec 10 12:34:56 CET 2008 - olh@suse.de @@ -223,7 +263,7 @@ Tue Jan 16 10:44:14 CET 2007 - meissner@suse.de ------------------------------------------------------------------- Mon Jun 12 15:40:26 CEST 2006 - dmueller@suse.de -- fix shared lib dependencies +- fix shared lib dependencies - fix installed headers ------------------------------------------------------------------- @@ -239,7 +279,7 @@ Mon Nov 7 15:06:31 CET 2005 - sndirsch@suse.de ------------------------------------------------------------------- Wed Nov 2 21:53:50 CET 2005 - dmueller@suse.de -- don't build as root +- don't build as root ------------------------------------------------------------------- Wed May 25 14:49:41 CEST 2005 - adrian@suse.de @@ -254,7 +294,7 @@ Mon May 23 16:21:09 CEST 2005 - schwab@suse.de ------------------------------------------------------------------- Thu Jan 13 14:30:26 CET 2005 - ro@suse.de -- try to fix docu installation +- try to fix docu installation ------------------------------------------------------------------- Mon Jun 28 13:59:35 CEST 2004 - adrian@suse.de diff --git a/openexr.spec b/openexr.spec index 398ea05..ea32fbe 100644 --- a/openexr.spec +++ b/openexr.spec @@ -12,32 +12,45 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -%global so_suffix -2_2-23 +# perhaps you want to build against corresponding ilmbase build +%define asan_build 0 +%define debug_build 0 +%define sonum 24 +%global so_suffix -2_3-24 # tests should run at least during local build # but do expect a HUGE number of memory, so beware %bcond_with tests Name: openexr -Version: 2.2.1 +Version: 2.3.0 Release: 0 -Summary: Utilities for work with HDR images in OpenEXR format +Summary: Utilities for working with HDR images in OpenEXR format License: BSD-3-Clause Group: Productivity/Graphics/Other Url: http://www.openexr.com/ -Source0: http://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz -Source1: http://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz.sig +Source0: https://github.com/openexr/openexr/releases/download/v%{version}/openexr-%{version}.tar.gz +Source1: https://github.com/openexr/openexr/releases/download/v%{version}/openexr-%{version}.tar.gz.sig Source2: baselibs.conf Source3: openexr.keyring +Patch0: openexr-CVE-2018-18444.patch BuildRequires: automake BuildRequires: fltk-devel BuildRequires: freeglut-devel BuildRequires: gcc-c++ BuildRequires: pkgconfig -BuildRequires: pkgconfig(IlmBase) >= 2.2.0 +BuildRequires: pkgconfig(IlmBase) >= 2.3.0 BuildRequires: pkgconfig(zlib) +%if %{asan_build} || %{debug_build} +BuildRequires: ilmbase-debugsource +BuildRequires: libHalf%{sonum}-debuginfo +BuildRequires: libIex%{so_suffix}-debuginfo +BuildRequires: libIexMath%{so_suffix}-debuginfo +BuildRequires: libIlmThread%{so_suffix}-debuginfo +BuildRequires: libImath%{so_suffix}-debuginfo +%endif Obsoletes: OpenEXR <= 1.6.1 Provides: OpenEXR = %{version} @@ -56,7 +69,7 @@ contains a set of utilities to work with this format. %package -n libIlmImf%{so_suffix} Summary: Library to Handle EXR Pictures in 16-Bit Floating-Point Format -Group: Development/Libraries/C and C++ +Group: System/Libraries %description -n libIlmImf%{so_suffix} OpenEXR is a high dynamic-range (HDR) image file format developed by @@ -68,12 +81,12 @@ This package contains shared library libIlmImf %postun -n libIlmImf%{so_suffix} -p /sbin/ldconfig %files -n libIlmImf%{so_suffix} -%doc COPYING +%license LICENSE %{_libdir}/libIlmImf-*.so.* %package -n libIlmImfUtil%{so_suffix} Summary: Library to simplify development of OpenEXR utilities -Group: Development/Libraries/C and C++ +Group: System/Libraries %description -n libIlmImfUtil%{so_suffix} OpenEXR is a high dynamic-range (HDR) image file format developed by @@ -85,15 +98,15 @@ This package contains shared library libIlmImfUtil %postun -n libIlmImfUtil%{so_suffix} -p /sbin/ldconfig %files -n libIlmImfUtil%{so_suffix} -%doc COPYING +%license LICENSE %{_libdir}/libIlmImfUtil-*.so.* %package devel -Summary: Library to Handle EXR Pictures (16-bit floating-point format) +Summary: Development files for the 16-bit FP EXR picture handling library Group: Development/Libraries/C and C++ Requires: libIlmImf%{so_suffix} = %{version} Requires: libIlmImfUtil%{so_suffix} = %{version} -Requires: libilmbase-devel +Requires: libilmbase-devel >= 2.3.0 Requires: pkgconfig Requires: pkgconfig(zlib) Obsoletes: OpenEXR-devel <= 1.6.1 @@ -108,8 +121,8 @@ Industrial Light & Magic for use in computer imaging applications. This package contains header files. %package doc -Summary: Library to Handle EXR Pictures in 16-Bit Floating-Point Format -Group: Development/Libraries/C and C++ +Summary: Documentatino for the 16-bit FP EXR picture handling library +Group: Documentation/PDF Obsoletes: OpenEXR-doc <= 1.6.1 Provides: OpenEXR-doc = %{version} @@ -117,45 +130,50 @@ Provides: OpenEXR-doc = %{version} OpenEXR is a high dynamic-range (HDR) image file format developed by Industrial Light & Magic for use in computer imaging applications. -This package contains a documentation +This package contains documentation. %prep %setup -q - -# poor man's fdupes -if cmp COPYING LICENSE; then - rm -rf LICENSE - ln -sf COPYING LICENSE -fi - -# remove non-linux file -rm README.OSX +%patch0 -p1 %build export PTHREAD_LIBS="-lpthread" +%if %{debug_build} +export CXXFLAGS="%{optflags} -O0" +%endif %configure \ + --docdir=%{_docdir}/%{name} \ --disable-static \ - --with-pic \ --enable-large-stack \ --enable-imfexamples \ --enable-imffuzztest \ --enable-imfhugetest +%if %{asan_build} +vmemlimit=$(ulimit -v) +if [ $vmemlimit != unlimited ]; then + echo "ulimit -v has to be unlimited (currently $vmemlimit) to run ASAN build" + exit 1 +fi +for i in $(find -name Makefile); do + sed -i -e 's/\(^CXXFLAGS.*\)/\1 -fsanitize=address/' \ + -e 's/\(^LIBS =.*\)/\1 -lasan/' \ + $i +done +%endif make %{?_smp_mflags} %install %make_install find %{buildroot} -type f -name "*.la" -delete -print -install -d -m 0755 %{buildroot}%{_defaultdocdir}/ -mv %{buildroot}%{_datadir}/doc/OpenEXR-2* %{buildroot}%{_defaultdocdir}/%{name}-%{version} - %check %if %{with tests} make %{?_smp_mflags} check %endif %files -%doc AUTHORS ChangeLog COPYING LICENSE NEWS README* +%license LICENSE +%doc AUTHORS ChangeLog NEWS README* %{_bindir}/exrenvmap %{_bindir}/exrheader %{_bindir}/exrmakepreview @@ -172,6 +190,10 @@ make %{?_smp_mflags} check %{_datadir}/aclocal/openexr.m4 %files doc -%{_docdir}/%{name}-%{version} +%{_docdir}/%{name} +%exclude %{_docdir}/%{name}/AUTHORS +%exclude %{_docdir}/%{name}/ChangeLog +%exclude %{_docdir}/%{name}/NEWS +%exclude %{_docdir}/%{name}/README* %changelog