Skip to content

v2.5.5
Compare
Choose a tag to compare
@cary-ilm cary-ilm released this 12 Feb 17:09
· 20 commits to RB-2.5 since this release
v2.5.5
4212416
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files, but also a fix for universal build support on macOS.

Specific OSS-fuzz issues include:

  • OSS-fuzz #30291 Timeout in openexr_exrcheck_fuzzer
  • OSS-fuzz #29106 Heap-buffer-overflow in Imf_2_5::FastHufDecoder::decode
  • OSS-fuzz #28971 Undefined-shift in Imf_2_5::cachePadding
  • OSS-fuzz #29829 Integer-overflow in Imf_2_5::DwaCompressor::initializeBuffers
  • OSS-fuzz #30121 Out-of-memory in openexr_exrcheck_fuzzer
Assets 2
Loading