Subject: CVS commit: pkgsrc/graphics
From: Thomas Klausner
Date: 2020-11-20 19:13:18
Message id: 20201120181319.0DB90FA9D@cvs.NetBSD.org
Log Message:
Update ilmbase and openexr to 2.5.3:

## Version 2.5.3 (August 12, 2020)

Patch release with various bug/security fixes and build/install fixes, plus a \ 
performance optimization:

### Summary

* Various sanitizer/fuzz-identified issues related to handling of invalid input
* Fixes to misc compiler warnings
* Cmake fix for building on arm64 macOS (#772)
* Read performance optimization (#782)
* Fix for building on non-glibc (#798)
* Fixes to tests

## Version 2.5.2 (June 15, 2020)

Patch release with various bug/security fixes and build/install fixes.

### Summary

* [CVE-2020-15305] Invalid input could cause a heap-use-after-free error in \ 
DeepScanLineInputFile::DeepScanLineInputFile()
* [CVE-2020-15306] Invalid chunkCount attributes could cause heap buffer \ 
overflow in getChunkOffsetTableSize()
* [CVE-2020-15304] Invalid tiled input file could cause invalid memory access \ 
TiledInputFile::TiledInputFile()
* OpenEXRConfig.h now correctly sets OPENEXR_PACKAGE_STRING to \ 
"OpenEXR" (rather than "IlmBase")
* Various Windows build fixes
Files:
RevisionActionfile
1.21modifypkgsrc/graphics/ilmbase/distinfo
1.7modifypkgsrc/graphics/openexr/Makefile.common
1.35modifypkgsrc/graphics/openexr/distinfo