ยซ Changelog History


OpenEXR v2.5.5 Release Notes

Release Date: 2021-02-12 // about 3 years ago

  • ๐Ÿš€ Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files, but also a fix for universal ๐ŸŽ build support on macOS.

    Specific OSS-fuzz issues include:

    • OSS-fuzz 30291 Timeout in openexr_exrcheck_fuzzer
    • OSS-fuzz 29106 Heap-buffer-overflow in Imf_2_5::FastHufDecoder::decode
    • OSS-fuzz 28971 Undefined-shift in Imf_2_5::cachePadding
    • OSS-fuzz 29829 Integer-overflow in Imf_2_5::DwaCompressor::initializeBuffers
    • OSS-fuzz 30121 Out-of-memory in openexr_exrcheck_fuzzer

    ๐Ÿ”€ Merged Pull Requests

    • 914 additional verification of DWA data sizes
    • โšก๏ธ 910 update tileoffset sanitycheck to handle ripmaps
    • 903 prevent overflows by using Int64 for all vars in DWA initialize
    • 901 Use size_t for DWA buffersize calculation
    • 897 prevent overflow in RgbaFile cachePadding
    • 896 add buffer size validation to FastHuf decode
    • 893 Include where required by newer compilers
    • 889 Add explicit #include for numeric_limits
    • ๐Ÿ— 854 Fix Apple Universal 2 (arm64/x86_64) builds