Up to [cvs.NetBSD.org] / pkgsrc / graphics / openexr
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
openexr: update to 3.3.2. ## Version 3.3.2 (November 11, 2024) Patch release that fixes several bugs and build issues: * A recent change to CMake had the unintended consequence of installing headers and libraries from `libdeflate` when doing an internal build. This is now fixed. * Fix custom namespaces * Add thread control to `exrmetrics` tool * Reintroduce single cache for successive scanline reads * Allow empty filename when providing a custom stream * Handle non-seekable stream in python module's `InputFile` object This release fixes: * OSS-fuzz [372524117](https://issues.oss-fuzz.com/issues/372524117) Null-dereference WRITE in Imf_3_4::ScanLineProcess::run_fill
openexr: update to 3.3.1. ## Version 3.3.1 (October 8, 2024) Patch release that addresses several build and performance issues: * Fix a performance regression 3.3.0 in huf/piz compression * Replace ``FetchContent_Populate`` with ``FetchContent_MakeAvailable`` * Build wheels for python 3.12 * Fix a problem with python wheel sdist that caused local build to fail * Compile source files in parallel under MSVC
openexr: add upstream bug report URL
openexr: update to 3.3.0. ## Version 3.3.0 (September 30, 2024) Minor release two significant changes: - The C++ API now uses the OpenEXRCore library underneath. - This is a transparent change to the existing API, although the ABI (i.e. structure / class layout) has changed - Existing reading of pixel data should be more efficient due to fewer memory allocations / frees during the process of reading. Additionally, some more specialisation of unpacking routines may result in faster unpack times - All compression routines are implemented by the C Core layer underneath and no longer duplicated - Initial support for "stateless" reading of scanlines has been proposed, allowing multiple threads to read scanlines into different frame buffer objects at the same time. While well tested at the Core level, the C++ api should be considered experimental for this release - Thread dispatch for reading different file types has been made more homogeneous, so is simpler and more consistent - New API for accessing compression types In anticipation of future support for new compression types, there is now a convenience API for mapping between compression type names and the associated enum: - ``getCompressionDescriptionFromId(Compression, std::string&)`` - ``getCompressionIdFromName(const std::string&, Compression&)`` - ``getCompressionNameFromId(Compression, std::string&)`` - ``getCompressionNamesString(const std::string&, std::string&)`` - ``getCompressionNumScanlines(Compression)`` - ``isValidCompression(int)`` - New bin tools: - ``exrmetrics`` - Read an OpenEXR image from infile, write an identical copy to outfile reporting time taken to read/write and file sizes. Useful for benchmarking performance in space and time. - ``exrmanifest`` - Read exr files and print the contents of the embedded manifest. The manifest provides a mapping between integer object identifiers and human-readible strings. See [OpenEXR Deep IDs Specification](https://openexr.com/en/latest/DeepIDsSpecification.html) for more details. - New python bindings. This version introduces a new python API, the ``File`` object, which provides full support for reading and writing all types of ``.exr`` image files, including scanline, tiled, deep, mult-part, multi-view, and multi-resolution images with pixel types of unsigned 32-bit integers and 16- and 32-bit floats. It provides access to pixel data through ``numpy`` arrays, as either one array per channel or with R, G, B, and A interleaved into a single array RGBA array. Previous releases of the openexr python module supported only scanline files. The previous API remains in place for now for backwards compatibility. See [src/wrappers/python/README.md](src/wrappers/python/README.md) for a synopsis.
openexr: update to 3.2.4. ## Version 3.2.4 (March 26, 2024) Patch release that fixes handling of dwa compression in OpenEXRCore library. Other miscellaneous changes: - Add CMake `find_dependency` for `libdeflate`, to fix a vcpkg build error - Remove the unused CMake option ``OPENEXR_INSTALL_EXAMPLES`` - Fix some other compiler warnings. ### Merged Pull Requests * Fix typo causing prefix len to be wrong * CMake packaging fix. * Improve workflow filters * 🐛 Remove the OPENEXR_INSTALL_EXAMPLES CMake option * Initialize _ySampling to 0 * Use size_t as iterator instead of int
openexr: update to 3.2.3. ## Version 3.2.3 (March 6, 2024) Patch release with various build/bug/documentation fixes: * Fix `bswap` on NetBSD * Fix issue with decompressing fp32 dwa files * Support cmake config for `libdeflate` * updated security policy * miscelleneous website improvements This release also addresses: * OSS-fuzz [66676](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66676) Null-dereference in Imf_3_3::realloc_deepdata * OSS-fuzz [66612](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66612) Null-dereference in Imf_3_3::realloc_deepdata
openexr: update to 3.2.2. ## Version 3.2.2 (February 11, 2024) Patch release that addresses [CVE-2023-5841](https://takeonme.org/cves/CVE-2023-5841.html). Note that this bug is present in the C++ API (since v3.1.0), although it is in a routine that is predominantly used for development and testing. It is not likely to appear in production code. This release also addresses: * OSS-fuzz [66491](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66491) Out-of-memory in openexr_exrcorecheck_fuzzer * OSS-fuzz [66489](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66489) Null-dereference in `Imf_3_3::realloc_deepdata` ### Merged Pull Requests * [1632](https://github.com/AcademySoftwareFoundation/openexr/pull/1632) adjust checks for core to better match c++ checks * [1630](https://github.com/AcademySoftwareFoundation/openexr/pull/1630) fix issue with unpacking sample counts * [1627](https://github.com/AcademySoftwareFoundation/openexr/pull/1627) Fix CVE 2023 5841
openexr: update to 3.2.1. ## Version 3.2.1 (September 27, 2023) Patch release with miscellaneous build fixes: * Fix for linking statically against an external ``libdeflate`` * Fix a compile error with ``OPENEXR_VERSION_HEX`` * Fix various compiler warnings * Pkg-config generation is now on by default for all systems, including Windows ### Merged Pull Requests Fix Imf/Iex/IlmThread namespaces in python bindings and website code Update openexr_deps.bzl Bazel: Improve module Clean up handling of libdeflate when linking static Omit OPENEXR_IMAGES_TAG from test image url if empty Set build-shared:OFF for Static build OPENEXR_INSTALL_PKG_CONFIG is on by default, even on Windows Default value for chromaticities attribute constructor in exrstdattr Fix OPENEXR_VERSION_HEX Python wheel setup gets version from OpenEXR.pc/Imath.pc Fix warnings from cross-compiling with x86_64-w64-mingw32-gcc-posix Fix warnings in multipartExamples.cpp Don't trigger ci/bazel/ossfuzz builds on pushes/PRs to src/wrappers Propagate OPENEXR_INSTALL_PKG_CONFIG to internal Imath Set minimal permissions for workflow python-wheels.yml Remove check for _MSC_VER in internal_cpuid.h ## Version 3.2.0 (August 30, 2023) Minor release with several additions, changes and improvements: * Zip compression via ``libdeflate`` As of OpenEXR release v3.2, OpenEXR depends on [libdeflate](https://github.com/ebiggers/libdeflate) for DEFLATE-based compression. Previous OpenEXR releases relied on [zlib](https://www.zlib.net). Builds of OpenEXR can choose either an ``libdeflate`` installation, or CMake can auto-fetch the source and build it internally. The internal build is linked statically, so no extra shared object is produced. See [website/install.rst](website/install.rst) for more details. * New camdkit/camdkit-enabled standard attributes These changes bring to OpenEXR new standard optional attributes that were discussed in the [SMPTE Rapid Industry Solutions On-Set Virtual Production Initiative)](https://www.smpte.org/blog/update-on-smptes-rapid-industry-solutions-ris-on-set-virtual-production-osvp-initiative). Additionally, some useful attributes from the SMPTE ACES Container File Layout standard, SMPTE ST 2065-4:2023, have been included as well. The new attributes are: Support automated editorial workflow: - ``reelName`` - ``imageCounter`` - ``ascFramingDecisionList`` Support forensics: - ``cameraMake`` - ``cameraModel`` - ``cameraSerialNumber`` - ``cameraFirmware`` - ``cameraUuid`` - ``cameraLabel`` - ``lensMake`` - ``lensModel`` - ``lensSerialNumber`` - ``lensFirmware`` - ``cameraColorBalance`` Support pickup shots: - ``shutterAngle`` - ``cameraCCTSetting`` - ``cameraTintSetting`` Support metadata-driven match move: - ``sensorCenterOffset`` - ``sensorOverallDimensions`` - ``sensorPhotositePitch`` - ``sensorAcquisitionRectangle`` - ``nominalFocalLength`` - ``effectiveFocalLength`` - ``pinholeFocalLength`` - ``entrancePupilOffset`` - ``tStop`` (complementing existing aperture) Also, ``renderingTransform`` and ``lookTransform`` have been deprecated. * Updated SO versioning policy This change adopts a policy of appending the ``MAJOR.MINOR.PATCH`` software release name to the ``SONAME`` to form the real name of the shared library. * Python bindings & PyPI wheel Support for the [OpenEXR python bindings](https://pypi.org/project/OpenEXR) have been formally adopted by the OpenEXR project. * Miscellaneous improvements: - "docs" renamed to "website" ([PR #1504](https://github.com/AcademySoftwareFoundation/openexr/pull/1504)) - Additional deep & multipart code examples ([PR #1493](https://github.com/AcademySoftwareFoundation/openexr/pull/1493) and [PR #1502](https://github.com/AcademySoftwareFoundation/openexr/pull/1502)) - Many small build/test fixes - bin tools man pages - Expanded test coverage Specific OSS-fuzz issues addressed: Out-of-memory in ``openexr_exrcheck_fuzzer`` Heap-buffer-overflow in ``generic_unpack`` Integer-overflow in ``reconstruct_chunk_table`` Heap-double-free in ``Imf_3_1::RgbaInputFile::~RgbaInputFile`` Abrt in ``Imf_3_1::RgbaInputFile::~RgbaInputFile`` Direct-leak in ``Imf_3_1::RgbaInputFile::RgbaInputFile`` ### Merged Pull Requests `OpenEXRConfig.h.in` uses version extracted from `openexr_version.h` Add bzlmod support Add `DEPENDENCIES Imath::Imath` for OpenEXRCore (#1523) Rename cifuzz workflow to OSS-Fuzz, and filter out unnecessary triggers fix memory leaks in exrmultipart Remove .bazelrc file Bazel support: Simplify use of libdeflate dependency Streamline Python wheel workflow, and add tests and a CMake setup for bindings Bazel support: Remove Bazel specific example and use same examples as CMake build Separate Actions workflow for the website Website "Attributes" page now describes all attributes Deprecate renderingTransform and lookModTransform Initialize regs[] to 0 in check_for_x86_simd Fix CPUID detection with ``-march=x86-64-v3`` Add missing copyright/license specifiers Rename "docs" to "website" Reorganize ``share/util`` and remove unnecessary files multipart code examples Add website example source files to the CMake build for validation Add 2023 Virtual Town Hall to news Update and simplify SO versioning policy Bazel update Rename ``IMATH_REPO/TAG`` to ``OPENEXR_IMATH_REPO/TAG`` and update install docs Reorder attributes in doc to match order in header adds deep examples, fixes the deep examples in docs Readdress #1456: disallow NaNs in ``testOptimizedInterleavePatterns`` Add ``sensorCenterOffset``, ``sensorOverallDimensions``, ``sensorPhotositePitch`` Revert pre-computed values Python wheels Replace ``ILMBASE_THREADING_ENABLED`` with ``ILMTHREAD_THREADING_ENABLED`` Fix handling for corrupt number of DC components Add ``ImfMisc.h`` and ``ImfCompressor.h`` as installed headers Add ``OPENEXR_MISSING_ARM_VLD1`` workaround to ``internal_dwa_simd.h`` Update CI with vfx2023 Linux jobs. consolidate project configurations to one place Fix range check in dwa compressor Add detailed instructions for making both patch and major/minor release Remove old zlib reference v3.1.9/v3.1.8 notes and news CIFuzz skips PRs that only modify markdown Add simple abi checker util Fix handling of builddir and cxxwarns in ``clang_coverage.sh`` Prevent re-download of images if already in place prepare for new version of libdeflate with thread-safe alloc functions Start working on improving test coverage Fix reference to the number of supported compression types after other merges, need to fix include Document DWAA/DWAB compression in Technical Introduction ci: set minimal permissions on GitHub workflows Shift MacOS versions in flight Revert fix of spelling mistakes in PR messages ensure we are passing through valid function pointers Fix version h More robust ``openexr_version.h`` handling Fix spelling mistakes Bazel support update Remove unused private member ``variable`` _maxScanLineSize (ABI break) Updated Mac and Windows jobs for VFX platform 2023. Switch to embedding libdeflate into EXRCore Govern library version by ``OpenEXRVersion.h`` Add selected SMPTE camdkit or camdkit-enabling standard optional attributes Deprecate ``exrbuild.cpp`` Tool manpages, doc page, and standardized ``--help`` messages Reorder attribute definitions in ``ImfStandardAttributes.h`` by functional group notes and news for v3.1.7 Test Images page for website Extend Iex test coverage Fix ``run_gcov.sh`` to use proper ``_build/_coverage`` dirs Fix coverage analysis for .c files Add 3.1.6 to release notes and news Add tests for bin programs Bazel Support: Switch to Imath 3.1.7 Switch to Imath 3.1.6 for Bazel build Update bazel build Bazel support: Bump OpenEXR version to 3.2 Refactor ``ImfCheckFile`` and oss-fuzz tests Fix Bazel Imath version defines Update GitHub checkout action from V2 to V3 Bump version to 3.2.0 on the main branch prevent double-free of ``RgbaInputFile::_inputPart`` Fix build script so auto-build of imath uses the new branch name Merge release notes and SECURITY.md from RB-3.1 fix memory leak in ``RgbaInputFile`` constructor Extend multipart ``RgbaInputFile`` API Fix version number of Imath for Bazel build RgbaInputFile: Multipart support Merge v3.1.2 release notes to master Bazel update Bazel build: Update Imath version to 3.1.2 Update Imath to 3.1.1 and bazelisk to 1.10.1 Update Imath to 3.1.0 for Bazel build Use Bazel standard convention for repository names Analysis CI updates Release notes for v3.1.0 Cherry-pick v3.0.5 release notes into master Do Bazel CI builds also for pull requests Bazel build: Update Imath to version 3.0.5 Bazel build: Fix download hash for Imath Do not do a Bazel Build on old OpenEXR branches Fix bazel build: Add missing headers to exrenvmap Bazel build: Add some OpenEXR tools Sort source files in CMake targets Improve Bazel Build Add ``validate_openexr_libs.sh`` to validate .so symlinks ## Version 3.1.11 (August 13, 2023) Patch release that fixes a build failure with ``-march=x86-64-v3`` ### Merged Pull Requests Initialize ``regs[]`` to 0 in ``check_for_x86_simd`` Fix CPUID detection with ``-march=x86-64-v3`` ## Version 3.1.10 (August 2, 2023) Patch release that addresses miscellaneous build issues, test failures, and performance regressions, as well as: Heap-buffer-overflow in ``LossyDctDecoder_execute``
openexr: update to 3.1.9. ## Version 3.1.9 (June 25, 2023) Patch release that addresses miscelleneous build and doc issues, as well as: * OSS-fuzz [59382](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59382) Heap-buffer-overflow in internal_huf_decompress ### Merged Pull Requests * [1461](https::/github.com/AcademySoftwareFoundation/openexr/pull/1461) don't use NaNs/infs in testOptimizedInterleavePatterns * [1457](https::/github.com/AcademySoftwareFoundation/openexr/pull/1457) Bazel support: Switch back to VS2019 due to a toolchain issue in Bazel * [1454](https::/github.com/AcademySoftwareFoundation/openexr/pull/1454) Add ``OPENEXR_IMF_INTERNAL_NAMESPACE`` for ``WidenFilename`` * [1452](https::/github.com/AcademySoftwareFoundation/openexr/pull/1452) Use ``security@openexr.com`` for consistency * [1448](https::/github.com/AcademySoftwareFoundation/openexr/pull/1448) compression.cpp: fix isnan * [1443](https::/github.com/AcademySoftwareFoundation/openexr/pull/1443) Bazel bump imath * [1439](https::/github.com/AcademySoftwareFoundation/openexr/pull/1439) Fix scenario where malformed dwa file could read past end of buffer * [1416](https::/github.com/AcademySoftwareFoundation/openexr/pull/1416) IlmThread: fix defines for older macOS: do not prefix with ``__``
openexr: update to 3.1.8. ## Version 3.1.8 (June 2, 2023) Patch release that addresses miscellaneous build issues, for macOS in particular, but also includes: * Support for DWA compression in OpenEXRCore * Fix for threadpool deadlocks during shutdown on Windows This release also addresses: * OSS-fuzz 59070 Stack-buffer-overflow in DwaCompressor_readChannelRules
openexr: update to 3.1.7. ## Version 3.1.7 (March 28, 2023) Patch release that fixes a regression on ARMv7, and fixes a build issue with zlib.
Pullup ticket #6742 - requested by bsiegert graphics/openexr: security update Revisions pulled up: - graphics/openexr/Makefile 1.48 - graphics/openexr/PLIST 1.21 - graphics/openexr/distinfo 1.46 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Thu Mar 30 16:38:14 UTC 2023 Modified Files: pkgsrc/graphics/openexr: Makefile PLIST distinfo Log Message: openexr: update to 3.1.6 (security) Patch release that address various bug/build issues and optimizations: - NEON optimizations for ZIP reading - Enable fast Huffman & Huffman zig-zag transform for Arm Neon - Support relative and absolute libdir/incluedir in pkg-config generation - Fix for reading memory mapped files with DWA compression - Enable SSE4 support on Windows - Fast huf decoder - CMake config for generating docs is now BUILD_DOC Also, this release includes a major update and reorganization of the repo documentation and the https://openexr.com website. In addition, numerous typos and misspellings in comments and doxygen content have been fixed via codespell. Specific OSS-fuzz issues address: - OSS-fuzz 52730 Heap-buffer-overflow in fasthuf_initialize - OSS-fuzz 49698 Heap-buffer-overflow in fasthuf_decode - OSS-fuzz 47517 Integer-overflow in reconstruct_chunk_table - OSS-fuzz 47503 Heap-buffer-overflow in uncompress_b44_impl - OSS-fuzz 47483 Heap-buffer-overflow in generic_unpack To generate a diff of this commit: cvs rdiff -u -r1.47 -r1.48 pkgsrc/graphics/openexr/Makefile cvs rdiff -u -r1.20 -r1.21 pkgsrc/graphics/openexr/PLIST cvs rdiff -u -r1.45 -r1.46 pkgsrc/graphics/openexr/distinfo
Drop patches again as they were against the version before the update committed a few hours earlier.
Don't depend on system header polluting the namespace for finding uint64_t.
openexr: update to 3.1.6 (security) Patch release that address various bug/build issues and optimizations: - NEON optimizations for ZIP reading - Enable fast Huffman & Huffman zig-zag transform for Arm Neon - Support relative and absolute libdir/incluedir in pkg-config generation - Fix for reading memory mapped files with DWA compression - Enable SSE4 support on Windows - Fast huf decoder - CMake config for generating docs is now BUILD_DOC Also, this release includes a major update and reorganization of the repo documentation and the https://openexr.com website. In addition, numerous typos and misspellings in comments and doxygen content have been fixed via codespell. Specific OSS-fuzz issues address: - OSS-fuzz 52730 Heap-buffer-overflow in fasthuf_initialize - OSS-fuzz 49698 Heap-buffer-overflow in fasthuf_decode - OSS-fuzz 47517 Integer-overflow in reconstruct_chunk_table - OSS-fuzz 47503 Heap-buffer-overflow in uncompress_b44_impl - OSS-fuzz 47483 Heap-buffer-overflow in generic_unpack
openexr: update to 3.1.5. ## Version 3.1.5 (April 11, 2022) Patch release that address various bug/build/doc issues: * Add backwards-compatibilty flags to the core library to match original behavior of the the c++ library. Fixes reading of certain files by the new core. * Fix build failures on MSVC14 and MSVC 2022 * Fix build failure on latest 64-bit Ubuntu * Documentation refers to primary branch as "main" * Update the CI workflow matrix to VFX-CY2022 * Update auto-fetch Imath version to v3.1.5
openexr: update to 3.1.4. ## Version 3.1.4 (January 26, 2022) Patch release that addresses various issues: * Several bug fixes to properly reject invalid input upon read * A check to enable SSE2 when building with Visual Studio * A check to fix building with VisualStudio on ARM64 * Update the automatically-downloaded version of Imath to v3.1.4 * Miscellaneous documentation improvements This addresses one public security vulnerability: * [CVE-2021-45942](https://nvd.nist.gov/vuln/detail/CVE-2021-45942) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute Specific OSS-fuzz issues: * OSS-fuzz [43961](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43961) Heap-buffer-overflow in generic_unpack * OSS-fuzz [43916](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43916) Heap-buffer-overflow in hufDecode * OSS-fuzz [43763](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43763) Heap-buffer-overflow in internal_huf_decompress * OSS-fuzz [43745](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43745) Floating-point-exception in internal_exr_compute_tile_information * OSS-fuzz [43744](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43744) Divide-by-zero in internal_exr_compute_tile_information * OSS-fuzz [42197](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42197) Out-of-memory in openexr_exrcheck_fuzzer * OSS-fuzz [42001](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42001) Timeout in openexr_exrcheck_fuzzer * OSS-fuzz [41999](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41999) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute * OSS-fuzz [41669](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41669) Integer-overflow in Imf_3_1::rleUncompress * OSS-fuzz [41625](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41625) Heap-buffer-overflow in uncompress_b44_impl * OSS-fuzz [41416](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute * OSS-fuzz [41075](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41075) Integer-overflow in Imf_3_1::copyIntoDeepFrameBuffer * OSS-fuzz [40704](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40704) Crash in Imf_3_1::DeepTiledInputFile::readPixelSampleCounts * OSS-fuzz [40702](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40702) Null-dereference in bool Imf_3_1::readDeepTile<Imf_3_1::DeepTiledInputFile> * OSS-fuzz [40701](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40701) Null-dereference in bool Imf_3_1::readDeepTile<Imf_3_1::DeepTiledInputPart> * OSS-fuzz [40423](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40423) Out-of-memory in openexr_exrcheck_fuzzer * OSS-fuzz [40234](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40234) Heap-buffer-overflow in generic_unpack * OSS-fuzz [40231](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40231) Heap-buffer-overflow in hufDecode * OSS-fuzz [40091](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40091) Heap-buffer-overflow in hufDecode Merged Pull Requests: * [1225](https://github.com/AcademySoftwareFoundation/openexr/pull/1225) Bazel build: Update Imath * [1224](https://github.com/AcademySoftwareFoundation/openexr/pull/1224) Add error check to prevent corrupt files trying to unpack * [1223](https://github.com/AcademySoftwareFoundation/openexr/pull/1223) Fix issues with a a "short" huf table and checking boundary conditions, missing return value * [1222](https://github.com/AcademySoftwareFoundation/openexr/pull/1222) Fix OSS Fuzz 43763, 43745 * [1218](https://github.com/AcademySoftwareFoundation/openexr/pull/1218) OSS-Fuzz pass 15jan2022 * [1217](https://github.com/AcademySoftwareFoundation/openexr/pull/1217) Added missing check _M_IX86 or _M_X64 when using __lzcnt. * [1216](https://github.com/AcademySoftwareFoundation/openexr/pull/1216) Corrected the check to enable SSE2 when building with Visual Studio. * [1214](https://github.com/AcademySoftwareFoundation/openexr/pull/1214) prevent overflow in allocation of RLE buufer * [1213](https://github.com/AcademySoftwareFoundation/openexr/pull/1213) add check for decompressed deepscanline datasize * [1209](https://github.com/AcademySoftwareFoundation/openexr/pull/1209) enforce xSampling/ySampling==1 in CompositeDeepScanLine * [1208](https://github.com/AcademySoftwareFoundation/openexr/pull/1208) Reduce memory consumption with very large deepscanline images * [1206](https://github.com/AcademySoftwareFoundation/openexr/pull/1206) Update INSTALL.md * [1205](https://github.com/AcademySoftwareFoundation/openexr/pull/1205) DeepScanlineInputFile now uses chunk size test from DeepTiledInputFile * [1200](https://github.com/AcademySoftwareFoundation/openexr/pull/1200) Corrected Deep Docs & Example Code * [1199](https://github.com/AcademySoftwareFoundation/openexr/pull/1199) Fix C++ DeepTile reading in Imf::CheckFile * [1195](https://github.com/AcademySoftwareFoundation/openexr/pull/1195) Fix bugs in ImfCheckFile.cpp:readDeepTile() * [1193](https://github.com/AcademySoftwareFoundation/openexr/pull/1193) mention multipart files in multiview doc * [1191](https://github.com/AcademySoftwareFoundation/openexr/pull/1191) Replace Doxygen/Sphinx targets with "docs" * [1190](https://github.com/AcademySoftwareFoundation/openexr/pull/1190) Add Compression section to "Reading and Writing Image Files" doc * [1189](https://github.com/AcademySoftwareFoundation/openexr/pull/1189) Fix typo in readthedocs url
openexr: update to 3.1.3. ## Version 3.1.3 (October 27, 2021) Patch release with a change to default zip compression level: * Default zip compression level is now 4 (instead of 6), which in our tests improves compression times by 2x with only a tiny drop in compression ratio. * ``setDefaultZipCompression()`` and ``setDefaultDwaCompression()`` now set default compression levels for writing. * The Header how has ``zipCompressionLevel()`` and ``dwaCompressionLevel()`` to return the levels used for writing. Also, various bug fixes, build improvements, and documentation updates. In particular: * Fixes a build failure with Imath prior to v3.1 * Fixes a bug in detecting invalid chromaticity values ## Version 3.1.2 (October 4, 2021) Patch release with various bug fixes, build improvements, and documentation updates. In particular: * Fix a test failure on arm7 * Proper handling of pthread with glibc 2.34+ * Miscellaneous fixes for handling of invalid input by the new OpenEXRCore library With this version, the OpenEXR technical documentation formerly distributed exclusivly as pdf's is now published online at https://openexr.readthedocs.io, with the document source now maintained as .rst files in the repo's docs subfolder.
graphics: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes
graphics: Remove SHA1 hashes for distfiles
Fix build for non-amd64 NetBSD architectures (already reported upstream)
openexr: update to 3.1.1. ## Version 3.1.1 (August 2, 2021) Patch release that fixes build failures on various systems, introduces CMake ``CMAKE_CROSSCOMPILING_EMULATOR`` support, and fixes a few other minor issues. ## Version 3.1.0 (July 22, 2021) The 3.1 release of OpenEXR introduces a new library, OpenEXRCore, which is the result of a significant re-thinking of how OpenEXR manages file I/O and provides access to image data. It begins to address long-standing scalability issues with multithreaded image reading and writing. The OpenEXRCore library provides thread-safe, non-blocking access to files, which was not possible with the current API, where the framebuffer management is separate from read requests. It is written entirely in C and provides a new C-language API alongside the existing C++ API. This new low-level API allows applications to do custom unpacking of EXR data, such as on the GPU, while still benefiting from efficient I/O, file validation, and other semantics. It provides efficient direct access to EXR files in texturing applications. This C library also introduces an easier path to implementing OpenEXR bindings in other languages, such as Rust. The 3.1 release represents a technology preview for upcoming releases. The initial release is incremental; the existing API and underlying behavior has not changed. The new API is available now for performance validation testing, and then in future OpenEXR releases, the C++ API will migrate to use the new core in stages. It is not the intention to entirely deprecate the C++ API, nor must all applications re-implement EXR I/O in terms of the C library. The C API does not, and will not, provide the rich set of utility classes that exist in the C++ layer. The 3.1 release of the OpenEXRCore library simply offers new functionality for specialty applications seeking the highest possible performance. In the future, the ABI will evolve, but the API will remain consistent, or only have additions.
openexr: update to 3.0.5 ## Version 3.0.5 (July 1, 2021) Patch release that fixes problems with library symlinks and pkg-config, as well as miscellaneous bugs/security issues. ## Version 3.0.4 (June 3, 2021) Patch release that corrects a problem with the release version number of v3.0.2/v3.0.3: ## Version 3.0.3 (May 18, 2021) Patch release that fixes a regression in v3.0.2 the prevented headers from being installed properly. # Version 3.0.2 (May 17, 2021) Patch release with miscellaneous bug/build fixes, including: * Fix TimeCode.frame max value * Don't impose C++14 on downstream projects * Restore fix to macOS universal 2 build lost from #854 * Imath auto-build version defaults to v3.0.2 ## Version 3.0.1 (April 1, 2021) Major release with major build restructing, security improvements, and new features: * Restructuring: - The IlmBase/PyIlmBase submodules have been separated into the Imath project, now included by OpenEXR via a CMake submodule dependency, fetched automatically via CMake's FetchContent if necessary. - The library is now called ``libOpenEXR`` (instead of ``libIlmImf``). No header files have been renamed, they retain the ``Imf`` prefix. - Symbol linkage visibility is limited to specific public symbols. * Build improvements: - No more simultaneous static/shared build option. - Community-provided support for bazel. * New Features: - ID Manifest Attributes, as described in ["A Scheme for Storing Object ID Manifests in OpenEXR Images"](https://doi.org/10.1145/3233085.3233086), Peter Hillman, DigiPro 18: Proceedings of the 8th Annual Digital Production Symposium, August 2018. - New program: exrcheck validates the contents of an EXR file. * Changes: - EXR files with no channels are no longer allowed. - Hard limit on the size of deep tile sizes; tiles must be less than 2^30 pixels. - Tiled DWAB files used STATIC_HUFFMAN compression. - ``Int64`` and ``SInt64`` types are deprecated in favor of ``uint64_t`` and ``int64_t``. - Header files have been pruned of extraneous ``#include``'s ("Include What You Use"), which may generate compiler errors in application source code from undefined symbols or partially-defined types. These can be resolved by identifying and including the appropriate header.
ilmbase, openexr: update to 2.5.5 ## Version 2.5.5 (February 12, 2021) Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files, but also a fix for universal build support on macOS. Specific OSS-fuzz issues include: * OSS-fuzz [#30291](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30291) * OSS-fuzz [#29106](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29106) * OSS-fuzz [#28971](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28971) * OSS-fuzz [#29829](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29829) * OSS-fuzz [#30121](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30121) ### Merged Pull Requests * [#914](https://github.com/AcademySoftwareFoundation/openexr/pull/914) additional verification of DWA data sizes * [#910](https://github.com/AcademySoftwareFoundation/openexr/pull/910) update tileoffset sanitycheck to handle ripmaps * [#903](https://github.com/AcademySoftwareFoundation/openexr/pull/903) prevent overflows by using Int64 for all vars in DWA initialize * [#901](https://github.com/AcademySoftwareFoundation/openexr/pull/901) Use size_t for DWA buffersize calculation * [#897](https://github.com/AcademySoftwareFoundation/openexr/pull/897) prevent overflow in RgbaFile cachePadding * [#896](https://github.com/AcademySoftwareFoundation/openexr/pull/896) add buffer size validation to FastHuf decode * [#893](https://github.com/AcademySoftwareFoundation/openexr/pull/893) Include <limits> where required by newer compilers * [#889](https://github.com/AcademySoftwareFoundation/openexr/pull/889) Add explicit #include <limits> for numeric_limits * [#854](https://github.com/AcademySoftwareFoundation/openexr/pull/854) Fix Apple Universal 2 (arm64/x86_64) builds
openexr, ilmbase: update to 2.5.4 Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files.
Update ilmbase and openexr to 2.5.3: ## Version 2.5.3 (August 12, 2020) Patch release with various bug/security fixes and build/install fixes, plus a performance optimization: ### Summary * Various sanitizer/fuzz-identified issues related to handling of invalid input * Fixes to misc compiler warnings * Cmake fix for building on arm64 macOS (#772) * Read performance optimization (#782) * Fix for building on non-glibc (#798) * Fixes to tests ## Version 2.5.2 (June 15, 2020) Patch release with various bug/security fixes and build/install fixes. ### Summary * [CVE-2020-15305] Invalid input could cause a heap-use-after-free error in DeepScanLineInputFile::DeepScanLineInputFile() * [CVE-2020-15306] Invalid chunkCount attributes could cause heap buffer overflow in getChunkOffsetTableSize() * [CVE-2020-15304] Invalid tiled input file could cause invalid memory access TiledInputFile::TiledInputFile() * OpenEXRConfig.h now correctly sets OPENEXR_PACKAGE_STRING to "OpenEXR" (rather than "IlmBase") * Various Windows build fixes
ilmbase, openexr: Update to 2.5.1 Changelog: 2.5.1: A patch release that corrects the SO version for the v2.5 release, which missed getting bumped in v2.5.0. This release also fixes an improper failure in IlmImfTest when running on ARMv7 and AAarch64. 2.5.0: Minor release with miscellaneous bug fixes and small features ## Summary * No more build-time header generation: toFloat.h, eLut.h, b44ExpLogTable.h, and dwaLookups.h are now ordinary header files, no longer generated on the fly. * New StdISSTream class, an "input" stringstream version of StdOSStream * New Matrix22 class in Imath * Chromaticity comparison operator now includes white (formerly ignored) * Various cmake fixes * Bug fixes for various memory leaks * Bug fixes for various invalid memory accesses * New checks to detect damaged input files * OpenEXR_Viewers has been deprecated, removed from the top-level cmake build and documentation.
openexr: Update to 2.4.1 Summary: Various fixes for memory leaks and invalid memory accesses Various fixes for integer overflow with large images. Various cmake fixes for build/install of python modules. ImfMisc.h is no longer installed, since it's a private header.
openexr: Update to 2.4.0 Summary of changes: All code compiles without warnings on gcc, clang, msvc Cleanup of license and copyright notices floating-point exception handling is disabled by default New Slice::Make method to reliably compute base pointer for a slice. Miscellaneous bug fixes This version fixes the following security vulnerabilities: CVE-2018-18444 Issue #351 Out of Memory CVE-2018-18443 Issue #350 heap-buffer-overflow
ilmbase/openexr: updated to 2.3.0 OpenEXR v2.3.0 has been released and is available for download. Features/Improvements: ThreadPool overhead improvements, enable custom thread pool to be registered via ThreadPoolProvider class Fixes to enable custom namespaces for Iex, Imf Improve read performance for deep/zipped data, and SIMD-accelerated uncompress support Added rawPixelDataToBuffer() function for access to compressed scanlines Iex::BaseExc no longer derived from std::string. Imath throw() specifiers removed Initial Support for Python 3 Bugs: 25+ various bug fixes (see detailed Release Notes for the full list) Build Fixes: Various fixes to the cmake and autoconf build infrastructures Various changes to support compiling for C++11 / C++14 / C++17 and GCC 6.3.1 Various fixes to address Windows build issues 60+ total build-related fixes (see detailed Release Notes for the full list)
openexr: update to 2.2.1. November 30, 2017 - OpenEXR v2.2.1 has been released and is available for download. This maintenance release addresses the reported OpenEXR security vulnerabilities, specifically CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115, CVE-2017-9116.
Disable concurrent build of a table generator, it uses a lot of memory and often crashes here.
Add SHA512 digests for distfiles for graphics category Problems found with existing digests: Package fotoxx distfile fotoxx-14.03.1.tar.gz ac2033f87de2c23941261f7c50160cddf872c110 [recorded] 118e98a8cc0414676b3c4d37b8df407c28a1407c [calculated] Package ploticus-examples distfile ploticus-2.00/plnode200.tar.gz 34274a03d0c41fae5690633663e3d4114b9d7a6d [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package AfterShotPro: missing distfile AfterShotPro-1.1.0.30/AfterShotPro_i386.deb Package pgraf: missing distfile pgraf-20010131.tar.gz Package qvplay: missing distfile qvplay-0.95.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Add volatile keyword to inline assembly tests to ensure the instructions we are testing for are actually checked, and remove an empty list of clobbered registers. Fixes tests with gcc-4.2.1 on 32-bit OSX, hint from tnn@
Don't use gcc-specific cpuid.h, fix the inline asm to properly save/restore %ebx on i386.
Rework cpuid function to use gnuc __get_cpuid (requiring at least gcc 4.3) This get's over issues such as encountered with PIC builds. Upstream issue : https://github.com/openexr/openexr/issues/128 Revbump due to new dependency on GCC_REQD+= 4.3 (additional patches available upon request for bmake test target)
Fix build on 32bit platforms. Bump the package revision as it is possible that the broken code compiled on some platforms but won't work properly.
Changes 2.2.0: * DreamWorks Lossy Compression A new high quality, high performance lossy compression codec contributed by DreamWorks Animation. This codec allows control over variable lossiness to balance visual quality and file size. This contribution also includes performance improvements that speed up the PIZ codec. * IlmImfUtil A new library intended to aid in development of image file manipulation utilities that support the many types of OpenEXR images.
Changes 2.1.0: This release includes a refactoring of the optimised read paths for RGBA data, optimisations for some of the python bindings to Imath, improvements to the cmake build environment as well as additional documentation describing deep data in more detail.
Version 2.0.1 * Temporarily turning off optimisation code path * Added additional tests for future optimisation refactoring * Fixes for StringVectors * Additional checks for type mismatches * Fix for Composite Deep Scanline
Add patch to fix Solaris 10 build, from Joern Clausen in PR 47867, except that I rearranged the patch a bit and hopefully didn't mess it up.
Version 2.0.0 * Updated Documentation * Updated Namespacing mechanism * Fixes for succd & predd * Fixes for FPE control registers * Additional checks and tests on DeepImages, scanlines and tiles * Folded in Autodesk read optimisations for RGB(A) files * Updated the bootstrap scripts to use libtoolize if glibtoolize isn't available on darwin. * Numerous minor fixes, missing includes etc
Remove patch-aj, same as patch-ac.
Include <cstring> for memcpy(). Fixes build on ArchLinux
patch-ai: memset() also requires to include string.h
Include <cstring> to declare memcpy(), used by blurImage(). No PKGREVISION bump required, no functional change on platforms where this previously built. Fixes building graphics/openexr under Ubuntu 10.10.
Changes 1.7.0: * Added new atttribute types: M33dAttribute 3x3 double-precision matrix M44dAttribute 4x4 double-precision matrix V2d 2D double-precision vector V3d 3D double-precision vector * Bug fix: crash when reading a damaged image file (found by Apple). An exception thrown inside the PIZ Huffman decoder bypasses initialization of an array of pointers. The uninitialized pointers are later passed to operator delete. * Bug fix: crash when reading a damaged image file (found by Apple). Computing the size of input certain buffers may overflow and wrap around to a small number, later causing writes beyond the end of the buffer. * In the "Technical Introduction" document, added Premultiplied vs. Un-Premulitiplied Color section: states explicitly that pixels with zero alpha and non-zero RGB are allowed, points out that preserving such a pixel can be a problem in application programs with un-premultiplied internal image representations. * exrenvmap improvements: - New command line flags set the type of the input image to latitude-longitude map or cube-face map, overriding the envmap attribute in the input file header. - Cube-face maps can now be assembled from or split into six square sub-images. - Converting a cube-face map into a new cube-face map with the same face size copies the image instead of resampling it. This avoids blurring when a cube-face map is assembled from or split into sub-images. * Updated standard chromaticities in ImfAcesFile.cpp to match final ACES (Academy Color Encoding Specification) document. * Added worldToCamera and worldToNDC matrices to ImfStandardAttributes.h * Increased the maximum length of attribute and channel names from 31 to 255 characters. For files that do contain names longer than 31 characters, a new LONG_NAMES_FLAG in the fil version number is set. This flag causes older versions of the IlmImf library (1.6.1 and earlier) to reject files with long names. Without the flag, older library versions would mis-interpret files with long names as broken. * Reading luminance/chroma-encoded files via the RGBA interface is faster: buffer padding avoids cache thrashing for certain image sizes, redundant calls to saturation() have been eliminated. * Added "hemispherical blur" option to exrenvmap. * Added experimental version of I/O classes for ACES file format (restricted OpenEXR format with special primaries and white point); added exr2aces file converter. * Added new constructors to classes Imf::RgbaInputFile and Imf::TiledRgbaInputFile. The new constructors have a layerName parameter, which allows the caller to specify which layer of a multi-layer or multi-view image will be read. * A number of member functions in classes Imf::Header, Imf::ChannelList and Imf::FrameBuffer have parameters of type "const char *". Added equivalent functions that take "const std::string &" parameters. * Added library support for Weta Digital multi-view images: StringVector attribute type, multiView standard attribute of type StringVector, utility functions related to grouping channels into separate views.
Pullup ticket #2878 - requested by hasso openexr: security patch Revisions pulled up: - graphics/openexr/Makefile 1.22 - graphics/openexr/distinfo 1.13 via patch - graphics/openexr/patches/patch-ae 1.1 - graphics/openexr/patches/patch-af 1.1 - graphics/openexr/patches/patch-ag 1.1 - graphics/openexr/patches/patch-ah 1.1 - graphics/openexr/patches/patch-ai 1.1 --- Module Name: pkgsrc Committed By: hasso Date: Fri Aug 28 21:33:08 UTC 2009 Modified Files: pkgsrc/graphics/openexr: Makefile distinfo Added Files: pkgsrc/graphics/openexr/patches: patch-ae patch-af patch-ag patch-ah patch-ai Log Message: Add patches for CVE-2009-1720 (multiple integer overflows in OpenEXR) and CVE-2009-1721 (denial of service (application crash) or possibly execute arbitrary code in the Imf::hufUncompress function). Bump PKGREVISION.
Add patches for CVE-2009-1720 (multiple integer overflows in OpenEXR) and CVE-2009-1721 (denial of service (application crash) or possibly execute arbitrary code in the Imf::hufUncompress function). Bump PKGREVISION.
include <string.h> for strcmp(3) prototype. Fixes Linux build.
include <string.h> for strcmp(3) prototype. Fixes Linux build.
Added reference to upstream bug report.
Update to 1.6.1: 1.6.1 New versions of OpenEXR and CTL are now available. This release fixes a buffer overrun in OpenEXR and a Windows build problem in CTL, and it removes a few unnecessary files from the .tar.gz packages. 1.6.0 * Reduced generational loss in B44- and B44A-compressed images. * Added B44A compression. This is a variation of B44, but with a better compression ratio for images with large uniform areas, such as in an alpha channel. * Bug fixes. 1.5.0 * OpenEXR supports a new image compression method, called B44. It has a fixed compression rate of 2.28:1, or 4.57:1 if used in combination with luminance/chroma encoding. B44-compressed images can be uncompressed fast enough to support real-time playback of image sequences. * The new playexr program plays back moving image sequences. Playexr is multi-threaded and utilizes the threading capabilities of the IlmImf library that were introduced in OpenEXR 1.3.0. The program plays back B44-compressed images with fairly high-resolution in real time on commodity hardware. * The playexr program and a new version of the existing exrdisplay image viewer both support color rendering via color transforms written in the new Color Transformation Language or CTL. CTL is not part of OpenEXR; it will be released separately. CTL support in playexr and exrdisplay is optional; the programs can be built and will run without CTL. * In preparation for the release of CTL, OpenEXR has been split into three separate packages: o IlmBase 0.9.0 includes the Half, Iex, Imath and IlmThread libraries o OpenEXR 1.5.0 includes the IlmImf library, programming examples and utility programs such as exrheader or exrenvmap o OpenEXRViewers 0.9.0 includes the playexr and exrdisplay programs * The "Technical Introduction to OpenEXR" document now includes a recommendation for storing CIE XYZ pixel data in OpenEXR files. * A new "OpenEXR Image Viewing Software" document describes the playexr and exrdisplay programs. It briefly explains real-time playback and color rendering, and includes recommendations for testing if other image viewing software displays OpenEXR images correctly. * The OpenEXR sample image set now includes B44-compressed files and files with CIE XYZ pixel data.
Untangle dependencies: split out the "exrdisplay" GUI app which needs fltk from the rest. Now eg KDE doesn't require fltk anymore which looked a bit strange.
Remove patch-aa, it has clearly been applied upstream, so is no longer necessary (but was harmless). No functional change.
Changes 1.4.0a: * Fixed the ReleaseDLL targets for Visual Studio 2003. Changes 1.4.0: * Production release. * Bug Fix: calling setFrameBuffer() for every scan line while reading a tiled file through the scan line API returns bad pixel data.
Fixed "test ==".
Fix buildling for gcc4
Update to 1.2.2: - New build system for Windows; support for DLLs. - Imath: Removed TMatrix<T> classes; these classes are still under development and are too difficult to keep in sync with OpenEXR CVS. - IlmImf: support for image layers in ChannelList. - IlmImf: added isComplete() method to file classes to check whether a file is complete. - IlmImf: exposed staticInitialize() in ImfHeader.h in order to allow thread-safe library initialization in multithreaded applications. - IlmImf: New "time code" standard attribute. - exrdisplay: support for displaying wrap-around texture map images. - exrmaketiled: can now specify wrap mode. - IlmImf: New "wrapmodes" standard attribute to indicate extrapolation mode for mipmaps and ripmaps. - IlmImf: New "key code" standard attribute to identify motion picture film frames.
Add RMD160 digests
OpenEXR is a high dynamic-range (HDR) image file format developed by Industrial Light & Magic for use in computer imaging applications. OpenEXR is used by ILM on all motion pictures currently in production. The first movies to employ OpenEXR were Harry Potter and the Sorcerers Stone, Men in Black II, Gangs of New York, and Signs. Since then, OpenEXR has become ILM's main image file format. OpenEXR's features include: * Higher dynamic range and color precision than existing 8- and 10-bit image file formats. * Support for 16-bit floating-point, 32-bit floating-point, and 32-bit integer pixels. The 16-bit floating-point format, called "half", is compatible with the half data type in NVIDIA's Cg graphics language and is supported natively on their new GeForce FX and Quadro FX 3D graphics solutions. * Multiple lossless image compression algorithms. Some of the included codecs can achieve 2:1 lossless compression ratios on images with film grain. * Extensibility. New compression codecs and image types can easily be added by extending the C++ classes included in the OpenEXR software distribution. New image attributes (strings, vectors, integers, etc.) can be added to OpenEXR image headers without affecting backward compatibility with existing OpenEXR applications.
Initial revision