Summary: | <media-libs/openexr-2.5.3: Multiple unspecified vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | media-video, proxy-maint, waebbl-gentoo |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.3 | ||
See Also: |
https://github.com/gentoo/gentoo/pull/18923 https://github.com/gentoo/gentoo/pull/19684 https://github.com/gentoo/gentoo/pull/20133 |
||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 746791, 762862 | ||
Bug Blocks: | 717474 |
Description
Sam James
2020-10-05 23:39:51 UTC
*** Bug 738866 has been marked as a duplicate of this bug. *** Ping, please bump to 2.5.3. https://github.com/gentoo/gentoo/commit/e5bbb26bd5f3591dd6770219a33c201c0f404d38 https://github.com/gentoo/gentoo/commit/90614de883ed25de63620d021ab34f916840f995 https://github.com/gentoo/gentoo/commit/ee2e85cf3fe33d4535b3b7149d5ff2f66c4a6aa1 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=918b36d2c8812022b83b25b234307af25725d9cd commit 918b36d2c8812022b83b25b234307af25725d9cd Author: Bernd Waibel <waebbl@gmail.com> AuthorDate: 2021-01-03 12:10:08 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-01-24 01:48:06 +0000 media-libs/openexr: drop old 2.5.3 Bug: https://bugs.gentoo.org/746794 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Bernd Waibel <waebbl@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> media-libs/openexr/Manifest | 1 - media-libs/openexr/openexr-2.5.3.ebuild | 61 --------------------------------- 2 files changed, 62 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1e7a9131cc0456d6ad60fa91a1988c5f1823618d commit 1e7a9131cc0456d6ad60fa91a1988c5f1823618d Author: Bernd Waibel <waebbl@gmail.com> AuthorDate: 2021-01-03 11:58:50 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-01-24 01:48:05 +0000 media-libs/ilmbase: drop old 2.5.3 Bug: https://bugs.gentoo.org/746794 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Bernd Waibel <waebbl@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> media-libs/ilmbase/Manifest | 1 - media-libs/ilmbase/ilmbase-2.5.3.ebuild | 45 --------------------------------- 2 files changed, 46 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0f49c50e51da2ea663ee68a683c07ae97f682f20 commit 0f49c50e51da2ea663ee68a683c07ae97f682f20 Author: Bernd Waibel <waebbl@gmail.com> AuthorDate: 2021-01-03 09:50:25 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-01-24 01:48:05 +0000 media-libs/openexr: bump to 2.5.4 Bug: https://bugs.gentoo.org/656680 Bug: https://bugs.gentoo.org/762862 Bug: https://bugs.gentoo.org/746794 Closes: https://bugs.gentoo.org/762901 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Bernd Waibel <waebbl@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> media-libs/openexr/Manifest | 1 + media-libs/openexr/openexr-2.5.4.ebuild | 62 +++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3879f7d07fd0e99b3dc26e63f1134ac202a6dd1a commit 3879f7d07fd0e99b3dc26e63f1134ac202a6dd1a Author: Bernd Waibel <waebbl@gmail.com> AuthorDate: 2021-01-02 22:26:42 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-01-24 01:48:04 +0000 media-libs/ilmbase: bump to 2.5.4 Bug: https://bugs.gentoo.org/746794 Bug: https://bugs.gentoo.org/762862 Bug: https://bugs.gentoo.org/762901 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Bernd Waibel <waebbl@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> media-libs/ilmbase/Manifest | 1 + ...2.5.4-0001-disable-failing-test-on-x86_32.patch | 24 +++++++++++++ media-libs/ilmbase/ilmbase-2.5.4.ebuild | 42 ++++++++++++++++++++++ 3 files changed, 67 insertions(+) Unable to check for sanity:
> no match for package: media-libs/openexr-2.5.3
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=846308f2111948a93e71caf312b2fea8dec2f121 commit 846308f2111948a93e71caf312b2fea8dec2f121 Author: Bernd Waibel <waebbl-gentoo@posteo.net> AuthorDate: 2021-02-27 14:13:19 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-02-27 16:37:13 +0000 media-libs/openexr: drop 2.5.2 Security cleanup. Bug: https://bugs.gentoo.org/770229 Bug: https://bugs.gentoo.org/746794 Package-Manager: Portage-3.0.15, Repoman-3.0.2 Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net> Signed-off-by: Sam James <sam@gentoo.org> media-libs/openexr/Manifest | 1 - media-libs/openexr/openexr-2.5.2-r1.ebuild | 63 ------------------------------ 2 files changed, 64 deletions(-) This PR should finish the cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=58d2ffc5446d020cde8d473c32485ad5f2e4c6f1 commit 58d2ffc5446d020cde8d473c32485ad5f2e4c6f1 Author: Bernd Waibel <waebbl-gentoo@posteo.net> AuthorDate: 2021-03-26 16:46:35 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-03-31 06:29:14 +0000 media-libs/openexr: drop 2.3.0 Security cleanup Bug: https://bugs.gentoo.org/770229 Bug: https://bugs.gentoo.org/762862 Bug: https://bugs.gentoo.org/746794 Bug: https://bugs.gentoo.org/717474 Bug: https://bugs.gentoo.org/656680 Package-Manager: Portage-3.0.17, Repoman-3.0.2 Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net> Signed-off-by: Joonas Niilola <juippis@gentoo.org> media-libs/openexr/Manifest | 1 - ...penexr-2.2.0-Install-missing-header-files.patch | 60 ----------- .../openexr-2.2.0-fix-config.h-collision.patch | 43 -------- .../openexr-2.2.0-fix-cpuid-on-abi_x86_32.patch | 75 ------------- .../openexr/files/openexr-2.3.0-bigendian.patch | 71 ------------- .../openexr/files/openexr-2.3.0-bigendian2.patch | 17 --- .../openexr/files/openexr-2.3.0-fix-bashisms.patch | 117 --------------------- .../files/openexr-2.3.0-fix-build-system.patch | 68 ------------ .../files/openexr-2.3.0-skip-bogus-tests.patch | 31 ------ .../files/openexr-2.3.0-tests-32bits-2.patch | 17 --- .../openexr/files/openexr-2.3.0-tests-32bits.patch | 36 ------- media-libs/openexr/openexr-2.3.0.ebuild | 79 -------------- 12 files changed, 615 deletions(-) GLSA request filed. This issue was resolved and addressed in GLSA 202107-27 at https://security.gentoo.org/glsa/202107-27 by GLSA coordinator John Helmert III (ajak). |