Merge release notes and SECURITY.md from RB-3.1 #1226

Merged
merged 3 commits into from
Jan 27, 2022
225 changes: 225 additions & 0 deletions CHANGES.md
@@ -1,5 +1,7 @@
# OpenEXR Release Notes

* [Version 3.1.4](#version-314-january-26-2022) January 27, 2022
* [Version 3.1.3](#version-313-october-27-2021) October 27, 2021
* [Version 3.1.2](#version-312-october-4-2021) October 4, 2021
* [Version 3.1.1](#version-311-august-2-2021) August 2, 2021
* [Version 3.1.0](#version-310-july-22-2021) July 22, 2021
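Review bot: The new table-of-contents entry for Version 3.1.4 gives the date as January 27, 2022, while its own anchor (`#version-314-january-26-2022`) and the section heading added further down (`## Version 3.1.4 (January 26, 2022)`) both say January 26. Pick one date and use it in all three places. If the heading date changes, the anchor slug has to change with it or the link will stop resolving.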
Expand Down Expand Up @@ -52,6 +54,229 @@
* [Version 1.0.1](#version-101)
* [Version 1.0](#version-10)

## Version 3.1.4 (January 26, 2022)

Patch release that addresses various issues:

* Several bug fixes to properly reject invalid input upon read
* A check to enable SSE2 when building with Visual Studio
* A check to fix building with VisualStudio on ARM64
* Update the automatically-downloaded version of Imath to v3.1.4
* Miscellaneous documentation improvements

This addresses one public security vulnerability:

* [CVE-2021-45942](https://nvd.nist.gov/vuln/detail/CVE-2021-45942) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute

Specific OSS-fuzz issues:

* OSS-fuzz [43961](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43961) Heap-buffer-overflow in generic_unpack
* OSS-fuzz [43916](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43916) Heap-buffer-overflow in hufDecode
* OSS-fuzz [43763](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43763) Heap-buffer-overflow in internal_huf_decompress
* OSS-fuzz [43745](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43745) Floating-point-exception in internal_exr_compute_tile_information
* OSS-fuzz [43744](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43744) Divide-by-zero in internal_exr_compute_tile_information
* OSS-fuzz [42197](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42197) Out-of-memory in openexr_exrcheck_fuzzer
* OSS-fuzz [42001](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42001) Timeout in openexr_exrcheck_fuzzer
* OSS-fuzz [41999](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41999) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute
* OSS-fuzz [41669](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41669) Integer-overflow in Imf_3_1::rleUncompress
* OSS-fuzz [41625](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41625) Heap-buffer-overflow in uncompress_b44_impl
* OSS-fuzz [41416](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416) Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute
* OSS-fuzz [41075](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41075) Integer-overflow in Imf_3_1::copyIntoDeepFrameBuffer
* OSS-fuzz [40704](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40704) Crash in Imf_3_1::DeepTiledInputFile::readPixelSampleCounts
* OSS-fuzz [40702](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40702) Null-dereference in bool Imf_3_1::readDeepTile<Imf_3_1::DeepTiledInputFile>
* OSS-fuzz [40701](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40701) Null-dereference in bool Imf_3_1::readDeepTile<Imf_3_1::DeepTiledInputPart>
* OSS-fuzz [40423](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40423) Out-of-memory in openexr_exrcheck_fuzzer
* OSS-fuzz [40234](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40234) Heap-buffer-overflow in generic_unpack
* OSS-fuzz [40231](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40231) Heap-buffer-overflow in hufDecode
* OSS-fuzz [40091](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40091) Heap-buffer-overflow in hufDecode

Merged Pull Requests:

* [1225](https://github.com/AcademySoftwareFoundation/openexr/pull/1225)
Bazel build: Update Imath
* [1224](https://github.com/AcademySoftwareFoundation/openexr/pull/1224)
Add error check to prevent corrupt files trying to unpack
* [1223](https://github.com/AcademySoftwareFoundation/openexr/pull/1223)
Fix issues with a a "short" huf table and checking boundary conditions, missing return value
* [1222](https://github.com/AcademySoftwareFoundation/openexr/pull/1222)
Fix OSS Fuzz 43763, 43745
* [1218](https://github.com/AcademySoftwareFoundation/openexr/pull/1218)
OSS-Fuzz pass 15jan2022
* [1217](https://github.com/AcademySoftwareFoundation/openexr/pull/1217)
Added missing check _M_IX86 or _M_X64 when using __lzcnt.
* [1216](https://github.com/AcademySoftwareFoundation/openexr/pull/1216)
Corrected the check to enable SSE2 when building with Visual Studio.
* [1214](https://github.com/AcademySoftwareFoundation/openexr/pull/1214)
prevent overflow in allocation of RLE buufer
* [1213](https://github.com/AcademySoftwareFoundation/openexr/pull/1213)
add check for decompressed deepscanline datasize
* [1209](https://github.com/AcademySoftwareFoundation/openexr/pull/1209)
enforce xSampling/ySampling==1 in CompositeDeepScanLine
* [1208](https://github.com/AcademySoftwareFoundation/openexr/pull/1208)
Reduce memory consumption with very large deepscanline images
* [1206](https://github.com/AcademySoftwareFoundation/openexr/pull/1206)
Update INSTALL.md
* [1205](https://github.com/AcademySoftwareFoundation/openexr/pull/1205)
DeepScanlineInputFile now uses chunk size test from DeepTiledInputFile
* [1200](https://github.com/AcademySoftwareFoundation/openexr/pull/1200)
Corrected Deep Docs & Example Code
* [1199](https://github.com/AcademySoftwareFoundation/openexr/pull/1199)
Fix C++ DeepTile reading in Imf::CheckFile
* [1195](https://github.com/AcademySoftwareFoundation/openexr/pull/1195)
Fix bugs in ImfCheckFile.cpp:readDeepTile()
* [1193](https://github.com/AcademySoftwareFoundation/openexr/pull/1193)
mention multipart files in multiview doc
* [1191](https://github.com/AcademySoftwareFoundation/openexr/pull/1191)
Replace Doxygen/Sphinx targets with "docs"
* [1190](https://github.com/AcademySoftwareFoundation/openexr/pull/1190)
Add Compression section to "Reading and Writing Image Files" doc
* [1189](https://github.com/AcademySoftwareFoundation/openexr/pull/1189)
Fix typo in readthedocs url


## Version 3.1.3 (October 27, 2021)

Patch release with a change to default zip compression level:

* Default zip compression level is now 4 (instead of 6), which in our
tests improves compression times by 2x with only a tiny drop in
compression ratio.
* ``setDefaultZipCompression()`` and ``setDefaultDwaCompression()``
now set default compression levels for writing.
* The Header how has ``zipCompressionLevel()`` and
``dwaCompressionLevel()`` to return the levels used for writing.

Also, various bug fixes, build improvements, and documentation
updates. In particular:

* Fixes a build failure with Imath prior to v3.1
* Fixes a bug in detecting invalid chromaticity values

Specific OSS-fuzz issues:

* OSS-fuzz [40091](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40091)
Heap-buffer-overflow in hufDecode
* OSS-fuzz [39997](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39997)
Null-dereference in Imf_3_1::readCoreScanlinePart
* OSS-fuzz [39996](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39996)
Heap-buffer-overflow in generic_unpack
* OSS-fuzz [39936](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39936)
Heap-buffer-overflow in Imf_3_1::memstream_read
* OSS-fuzz [39836](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39836)
Heap-buffer-overflow in internal_huf_decompress
* OSS-fuzz [39799](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39799)
Heap-buffer-overflow in unpack_32bit
* OSS-fuzz [39754](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39754)
Abrt in internal_decode_alloc_buffer
* OSS-fuzz [39737](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39737)
Heap-buffer-overflow in unpack_16bit
* OSS-fuzz [39683](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39683)
Null-dereference in Imf_3_1::readCoreScanlinePart
* OSS-fuzz [39630](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39630)
Direct-leak in internal_decode_alloc_buffer
* OSS-fuzz [39623](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39623)
Heap-buffer-overflow in unpack_16bit
* OSS-fuzz [39616](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39616)
Heap-buffer-overflow in Imf_3_1::memstream_read
* OSS-fuzz [39604](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39604)
Abrt in internal_decode_free_buffer
* OSS-fuzz [39601](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39601)
Heap-buffer-overflow in internal_huf_decompress
* OSS-fuzz [39591](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39591)
Integer-overflow in Imf_3_1::readCoreTiledPart
* OSS-fuzz [39579](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39579)
Undefined-shift in internal_huf_decompress
* OSS-fuzz [39571](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39571)
Heap-buffer-overflow in generic_unpack
* OSS-fuzz [39568](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39568)
Null-dereference in Imf_3_1::readCoreScanlinePart
* OSS-fuzz [39542](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39542)
Heap-buffer-overflow in Imf_3_1::memstream_read
* OSS-fuzz [39538](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39538)
Heap-buffer-overflow in unpack_16bit_4chan_planar
* OSS-fuzz [39532](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39532)
Heap-buffer-overflow in unpack_16bit_4chan_planar
* OSS-fuzz [39529](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39529)
Null-dereference in Imf_3_1::readCoreTiledPart
* OSS-fuzz [39526](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39526)
Integer-overflow in exr_read_tile_chunk_info
* OSS-fuzz [39522](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39522)
Direct-leak in internal_decode_alloc_buffer
* OSS-fuzz [39472](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39472)
Heap-buffer-overflow in unpack_16bit
* OSS-fuzz [39421](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39421)
Stack-overflow in Imf_3_1::memstream_read
* OSS-fuzz [39399](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39399)
Direct-leak in exr_attr_preview_init
* OSS-fuzz [39397](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39397)
Timeout in openexr_exrcheck_fuzzer
* OSS-fuzz [39343](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39343)
Null-dereference READ in ubsan_GetStackTrace
* OSS-fuzz [39342](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39342)
Direct-leak in Imf_3_1::OpaqueAttribute::copy
* OSS-fuzz [39340](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39340)
Stack-overflow in Imf_3_1::memstream_read
* OSS-fuzz [39332](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39332)
Out-of-memory in openexr_exrcheck_fuzzer
* OSS-fuzz [39329](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39329)
Negative-size-param in Imf_3_1::memstream_read
* OSS-fuzz [39328](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39328)
Undefined-shift in internal_exr_compute_tile_information
* OSS-fuzz [39323](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39323)
Integer-overflow in Imf_3_1::readCoreTiledPart

Merged Pull Requests:
* [1187](https://github.com/AcademySoftwareFoundation/openexr/pull/1187)
Add size check to memory stream check program
* [1186](https://github.com/AcademySoftwareFoundation/openexr/pull/1186)
Add extra tile validation
* [1185](https://github.com/AcademySoftwareFoundation/openexr/pull/1185)
Fix test for bad chunk data to allow for 0-sample deep chunks
* [1184](https://github.com/AcademySoftwareFoundation/openexr/pull/1184)
Fixes an issue computing the unpacked size of a chunk
* [1183](https://github.com/AcademySoftwareFoundation/openexr/pull/1183)
Fix decoding of piz when y sampling is not the same for all channels
* [1182](https://github.com/AcademySoftwareFoundation/openexr/pull/1182)
Require at least one channel
* [1180](https://github.com/AcademySoftwareFoundation/openexr/pull/1180)
reduce iterations in testIDManifest to speed up
* [1178](https://github.com/AcademySoftwareFoundation/openexr/pull/1178)
use std::abs in chromaticity sanity tests (fixes #1177)
* [1176](https://github.com/AcademySoftwareFoundation/openexr/pull/1176)
Update CI builds
* [1174](https://github.com/AcademySoftwareFoundation/openexr/pull/1174)
Update docs with link to EasyCLA
* [1173](https://github.com/AcademySoftwareFoundation/openexr/pull/1173)
Fix misc issues due to OSS-fuzz
* [1172](https://github.com/AcademySoftwareFoundation/openexr/pull/1172)
fix casts in readUInt shifts
* [1169](https://github.com/AcademySoftwareFoundation/openexr/pull/1169)
Clean up error messages, check against packed size of 0, integer overflow
* [1168](https://github.com/AcademySoftwareFoundation/openexr/pull/1168)
Refactor attribute size checks
* [1167](https://github.com/AcademySoftwareFoundation/openexr/pull/1167)
Fix loop iterators in ImfCheckFile.cpp
* [1166](https://github.com/AcademySoftwareFoundation/openexr/pull/1166)
fix int overflow in calc_level_size
* [1165](https://github.com/AcademySoftwareFoundation/openexr/pull/1165)
Prevent read when offset past the end of the memstream
* [1164](https://github.com/AcademySoftwareFoundation/openexr/pull/1164)
Also fail when the user provides a preview image that has a zero size coordinate
* [1163](https://github.com/AcademySoftwareFoundation/openexr/pull/1163)
don't validate chunk size when file_size unknown
* [1161](https://github.com/AcademySoftwareFoundation/openexr/pull/1161)
validate filesize before allocating chunk memory
* [1160](https://github.com/AcademySoftwareFoundation/openexr/pull/1160)
validate dwaCompressionLevel attribute type
* [1150](https://github.com/AcademySoftwareFoundation/openexr/pull/1150)
Enable Google OSS Fuzz to also test Core library
* [1149](https://github.com/AcademySoftwareFoundation/openexr/pull/1145)
Enable ephemeral compression levels
* [1145](https://github.com/AcademySoftwareFoundation/openexr/pull/1145)
Fix when compiling against pre-3.1 version of Imath
* [1125](https://github.com/AcademySoftwareFoundation/openexr/pull/1125)
Zip: switch to compression level 4 instead of default 6

## Version 3.1.2 (October 4, 2021)

Patch release with various bug fixes, build improvements, and
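Review bot: In the 3.1.3 "Merged Pull Requests" list, the entry labelled `[1149]` ("Enable ephemeral compression levels") links to `pull/1145`, the same URL as the `[1145]` entry directly below it, so the label and the target disagree; the target should presumably be `pull/1149`. Smaller points in the same hunk: the added text has typos ("a a "short" huf table" under 1223, "RLE buufer" under 1214, "The Header how has" in the 3.1.3 notes), which are worth fixing unless the PR titles are being quoted verbatim. OSS-fuzz 40091 (Heap-buffer-overflow in hufDecode) appears under both 3.1.4 and 3.1.3, so confirm which release actually contains the fix or say that it was addressed twice. The 3.1.3 "Merged Pull Requests:" line also lacks the blank line before its list that the 3.1.4 section has.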
1 change: 1 addition & 0 deletions SECURITY.md
Expand Up @@ -16,6 +16,7 @@ post patches as quickly as possible.

These vulnerabilities are present in the given versions:

* [CVE-2021-45942](https://nvd.nist.gov/vuln/detail/CVE-2021-45942) 3.1.0, 3.1.1, 3.1.2, 3.1.3
* [CVE-2021-20296](https://nvd.nist.gov/vuln/detail/CVE-2021-20296) 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2, 2.5.3
* [CVE-2021-3479](https://nvd.nist.gov/vuln/detail/CVE-2021-3479) 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2, 2.5.3
* [CVE-2021-3478](https://nvd.nist.gov/vuln/detail/CVE-2021-3478) 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2, 2.5.3
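Review bot: The new CVE-2021-45942 line lists 3.1.0 through 3.1.3 as affected, which agrees with the 3.1.4 release notes in this PR, but nothing in this list says which release carries the fix. Consider stating the fixed version (3.1.4, per CHANGES.md) alongside the affected versions so that someone triaging from SECURITY.md alone knows what to upgrade to.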