[ubuntu/resolute-proposed] opencolorio 2.5.1+dfsg-1 (Accepted)
Antoine Lassagne
antoine.lassagne at canonical.com
Mon Mar 9 17:42:43 UTC 2026
opencolorio (2.5.1+dfsg-1) experimental; urgency=medium
[ Matteo F. Vescovi ]
* New upstream release (Closes: #1125416)
This release addresses CVE-2025-15506:
| A vulnerability was found in AcademySoftwareFoundation OpenColorIO
| up to 2.5.0. This issue affects the function
| ConvertToRegularExpression of the file
| src/OpenColorIO/FileRules.cpp. Performing a manipulation results in
| out-of-bounds read. The attack needs to be approached locally. The
| exploit has been made public and could be used.
* debian/: SONAME bump 2.1 -> 2.5
* debian/control:
- b-dep switch pkg-config -> pkgconf
- libminizip-ng-dev b-dep added
- strict versioning for pystring added
- S-V bump 4.6.1 -> 4.7.3 (no changes needed)
- Priority field dropped (obsolete)
- RRR field dropped (obsolete)
* debian/watch: v4 -> v5 switch
* debian/python3-pyopencolorio.install: path fixed
* debian/libopencolorio2.5.lintian-overrides: file dropped (useless)
[ Jordan Justen ]
* d/patches: Update patches for v2.5.1
* d/rules: Stop deleting Findyaml-cpp.cmake.
Ref: c075bff0 ("Import Debian changes 2.1.2+dfsg1-4.1")
Date: 2026-02-17 04:27:38.931266+00:00
Signed-By: Paride Legovini <paride at ubuntu.com>
https://launchpad.net/ubuntu/+source/opencolorio/2.5.1+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Resolute-changes
mailing list