SOURCES/openexr-CVE-2026-27622.patch

@@ -1,22 +0,0 @@
-diff -urNp a/IlmImf/ImfCompositeDeepScanLine.cpp b/IlmImf/ImfCompositeDeepScanLine.cpp
---- a/IlmImf/ImfCompositeDeepScanLine.cpp	2026-04-14 08:44:06.993263491 +0200
-+++ b/IlmImf/ImfCompositeDeepScanLine.cpp	2026-04-14 09:22:40.284776121 +0200
-@@ -44,6 +44,7 @@
- 
- #include <Iex.h>
- #include <vector>
-+#include <limits>
- OPENEXR_IMF_INTERNAL_NAMESPACE_SOURCE_ENTER
- 
- using std::vector;
-@@ -488,6 +489,10 @@ CompositeDeepScanLine::readPixels(int st
-        num_sources[ptr]=0;
-        for(size_t j=0;j<parts;j++)
-        {
-+          if (total_sizes[ptr] > std::numeric_limits<unsigned int>::max() - counts[j][ptr])
-+              throw IEX_NAMESPACE::ArgExc (
-+                  "Cannot composite scanline: pixel cannot have more than UINT_MAX samples");
-+
-           total_sizes[ptr]+=counts[j][ptr];
-           if(counts[j][ptr]>0) num_sources[ptr]++;
-        }

SPECS/OpenEXR.spec

@@ -1,7 +1,7 @@
 Name:	 OpenEXR
 Summary: A high dynamic-range (HDR) image file format
 Version: 2.2.0
-Release: 12%{?dist}.1
+Release: 12%{?dist}
 
 License: BSD
 URL:	 http://www.openexr.com/
@@ -9,8 +9,6 @@ Source0: http://download.savannah.nongnu.org/releases/openexr/openexr-%{version}
 # fix tests for big endian arches
 # https://github.com/openexr/openexr/issues/81
 Patch0:  openexr-2.1.0-bigendian.patch
-# Fix CVE 2026-27622
-Patch1:  openexr-CVE-2026-27622.patch
 
 Obsoletes: openexr < %{version}-%{release}
 Provides:  openexr = %{version}-%{release}
@@ -47,7 +45,7 @@ Summary: %{name} runtime libraries
 %prep
 %setup -q -n openexr-%{version}
 %patch0 -p1 -b .bigendian
-%patch1 -p1 -b .CVE-2026-27622
+
 
 %build
 %configure --disable-static
@@ -93,9 +91,6 @@ make %{?_smp_mflags} check ||:
 
 
 %changelog
-* Tue Apr 14 2026 Josef Ridky <jridky@redhat.com> - 2.2.0-12.1
-- fix CVE-2026-27622
-
 * Tue Dec 15 2020 Owen Taylor <otaylor@redhat.com> - 2.2.0-12
 - In check, don't override PKG_CONFIG_PATH from the environment (#1907528)