OpenImageIO v2.4.11.1

Release 2.4.11.1 (14 May 2023) -- compared to 2.4.11.0

• build: Support for fmt 10.0. #3825 #3828 #3836

This release is simply the minimal backport of patches necessary to build against the new fmt 10.0.
If you don't need fmt 10.0, there is no pressing need to upgrade from 2.4.11.0 to this release.

OpenImageIO v2.4.11.0

Release 2.4.11.0 (1 May 2023) -- compared to 2.4.10.0

• oiiotool: For expression evaluation, NIMAGES now evaluates to the current
  image stack depth. #3822
• Python: Improve error messages when passing wrong python array sizes. #3801
• Raw: handle 1-channel raw images. #3798
• HEIC: Support the ".hif" extension, which seems to be used by some Canon
  cameras instead of .heif. #3813
• PSD: Fix problems reading images with width > 64k pixels. #3806
• Windows/fmath: Work around MSVS bug(?) that generated wrong code for
  fast_exp2. #3804
• Build: Fix building on OpenBSD. #3808
• Build: Refactor simd.h to disable Intel intrinsics when not on Intel
  (including Cuda compiles). #3814
• Build: Fix building against new ffmpeg 6.0. #3812
• Build: Work around problems with fmt library + NVPTX relating to unknown
  float128 type. #3823
• CI/test: Fix incorrect branch name when cloning openexr-images for the
  testsuite. #3814
• Test: Use copies instead of symlinks in a couple spots to help on Windows.
  #3818

OpenImageIO v2.4.10.0

Release 2.4.10.0 (1 Apr 2023) -- compared to 2.4.9.0

• Exif: Fix typo that prevented us from correctly naming Exif
  "CameraElevationAngle" metadata. #3783
• IC/TS: Fixes that avoid deadlock situations on the file handle cache
  in certain scenarios with very high thread contention. #3784
• Docs: Some retroactive edits to INSTALL.md to correctly document changed
  dependencies of the 2.4 series.
• GIF: Fix potential array overrun when writing GIF files. #3789
• Build: Fixes to make a clean build on Mac using Apple Clang 11.0. #3795
• FYI: This version of OIIO should build against Clang 16.
• maketx: Fix a broken --cdf flag, which was set up to take an argument, but
  should always simply have acted as a simple boolean flag on its own. The
  incorrect way it was set up not only was useless, but also could lead to
  occasional crashes. #3748
• maketx and oiiotool --otex: Add support for CDFs of bumpslopes channels.
  Previously, if you used both --bumpslopes and --cdf at the same time, the
  CDFs were not produced for all channels. #3793

OpenImageIO v2.4.9.0

Release 2.4.9.0 (1 Mar 2023) -- compared to 2.4.8.1

• Build: check need for libatomic with check_cxx_source_compiles instead of
  the more expensive check_cxx_source_runs. #3774
• Fix(IC): Avoid bad IC stats when no files were read. #3765
• Build: Add a cmake option OIIO_DISABLE_BOOST_STACKTRACE to disable use and
  dependency of boost stacktrace. #3777
• ustringhash: Make an explicit constructor from a hash value. #3778
• Build: Add ability to build against Qt6. #3779

OpenImageIO v2.4.8.1

Release 2.4.8.1 (13 Feb 2023) -- compared to 2.4.8.0

• Fix(targa): guard against corrupted tga files Fixes TALOS-2023-1707 /
  CVE-2023-24473, TALOS-2023-1708 / CVE-2023-22845. #3768
• Fix: race condition in TIFF reader, fixes TALOS-2023-1709 / CVE-2023-24472.
  #3772
• Windows: Fix unresolved external symbol for MSVS 2017 #3763
• Fix: Initialize OpenEXROutput::m_levelmode in init(). #3764
• Fix: improve thread safety for concurrent tiff loads. #3767
• Fix(fits): Make sure to close if open fails to find right magic number.
  #3771

OpenImageIO v2.4.8.0

Release 2.4.8.0 (1 Feb 2023) -- compared to 2.4.7.1

• oiiotool --pdiff: test, be sure to count it as making output. #3723
• IBAprep should not zero out deep images when creating dst #3724
• PBM: Fix for incorrect inverting of 1-bit pbm images. #3731
• New ImageSpec:set_colorspace() sets color space metadata in a consistent
  way. #3734
• BMP: set colorspace to sRGB #3701
• PNG: Add EXIF support when writing PNG files. #3735
• PSD: Fix wrong oiio:UnassociatedAlpha metadata for PSD files. #3750
• platform.h: set up macros for detecting MSVS 2019 and 2022 #3727
• typedesc.h: Extend TypeDescFromC template to the full set of pixel types
  #3726
• Testing: many improvements for testing and code coverage. #3730 #3654 #3694
  #3699 #3732 #3741 #3745 #3747
• Testing: Fix long-broken ref images for texture-icwrite test #3733
• Docs: Updated RTD docmentation style, looks much nicer. #3737
• Docs: improve description of ociodisplay and others.
• Docs: Fix old release notes to document all CVEs addressed in certain
  prior releases.

OpenImageIO v2.4.7.1

Release 2.4.7.1 (3 Jan 2023) -- compared to 2.4.7.0

• Fix build break for Mac ARM. #3735
• CMake config should not include a find of fmt if it's internalized. #3739

OpenImageIO v2.4.7.0

Release 2.4.7.0 (1 Jan 2023) -- compared to 2.4.6.0

• IOMemReader detects and errors for out-of-range read positions. #3712
• Build/Mac: Suppress some deprecation warnings when building wth the newest
  Apple clang. #3709 #3710
• ARM: Fix signed/unsigned SIMD mismatch in vbool4::load. #3722
• Build: New CMake variable INTERNALIZE_FMT, when set to OFF will ensure
  that the fmt headers are not internalized (copied to the installed part
  of OIIO). The default is ON, matching old behavior. #3598
• Testing: Improved testing of iinfo #3688 #3706, 'term' output #3714, igrep
  #3715.
• build_openexr.bash: bump default version of OpenEXR/Imath retrieved to be
  3.1.5. #3703
• span.h: Make sure the cspan alias also allows the Extent template
  argument; add a custom formatter to print spans. #3685
• ustring.h: #if guards to let the header be Cuda-safe. #3718
• Internals: refactoring to remove duplicated code for iinfo and
  oiiotool --info. #3688
• Internals: remove the last instances of unsafe std::sprintf. #3705

OpenImageIO v2.4.6.0

Release 2.4.6 (1 Dec 2022) -- compared to 2.4.5.0

• make_texture / maketx : ensure proper setting of certain metadata when
  using a texture as a source to build another texture. #3634
• Build: Make sure use of ${PROJECT_NAME} doesn't occur before the call to
  project(). #3651
• Fix null pointer dereference when OCIO no configuration is found. #3652
• Support for building against OpenColorIO 2.2. #3662
• Fixes to subtle bugs when ImageBuf is used with IOProxy. #3666
• oiiotool: Fix problems with --point when there is no alpha channel. #3684
• oiiotool: --dumpdata fix channel name output. #3687
• BMP: Fix possible write errors, fixes TALOS-2022-1653 / CVE-2022-43594,
  CVE-2022-43595. #3673
• DPX: Fix possible write errors, fixes TALOS-2022-1651 / CVE-2022-43592 and
  TALOS-2022-1652 / CVE-2022-43593. #3672
• IFF files: Add IOProxy support. #3647
• IFF: Fix possible write errors, fixes TALOS-2022-1654 / CVE-2022-43596,
  TALOS-2022-1655 / CVE-2022-43597 CVE-2022-43598, TALOS-2022-1656 /
  CVE-2022-43599 CVE-2022-43602 #3676
• PSD: Fix thumbnail extraction. #3668
• PSD: when reading, don't reject padded thumbnails. #3677
• Raw: Update Exif orientation if user flip is set. #3669
• Zfile write safety, fixes TALOS-2022-1657 / CVE-2022-43603. #3670
• filesystem.h: new Filesystem::is_executable() and find_program(). #3638
• filesystem.h: Change IOMemReader constructor to take a const buffer
  pointer. #3665
• strutil.h: new trimmed_whitspace(). #3636
• New OIIO::print() exposes Strutil::print() in the main OIIO namespace.
  #3667
• Testing: improved testing of oiiotool #3637 #3643 #3649, Strutil #3655

OpenImageIO v2.4.5.0

Release 2.4.5 (1 Nov 2022) -- compared to 2.4.4.2

• oiiotool: new commands --iccread reads a named file and adds its contents
  as the ICCProfile metadata of the top image, --iccwrite saves the
  ICCProfile metadata of the top file to a named file. #3550
• TIFF, JPEG, JPEG-2000, PNG, and PSD files containing ICC profiles now
  extract and report extra metadata related to aspects of those profiles.
  #3554
• Python: support int8[] metadata and retrieving the ICCPorofile metadata.
  #3556
• oiiotool: New expression syntax for retrieving metadata {TOP[foo]} is
  similar to the existing {TOP.foo}, if there is no foo metadata found,
  the former evaluates to an empty string, whereas the latter is an error.
  #3619
• Strutil: new utf16_to_utf8(const std::u16string&) and
  Strutil::utf8_to_utf16wstring(). #3553
• ustring: make std::hash work for ustring, add operator< for ustringhash,
  add from_hash() to ustringhash, make ustringhash == and != be
  constexpr for C++17 and beyond. #3577 Custom fmt formatter for ustringhash
  that prints the string rather than the hash. #3614
• Build: the version number is now a CMake cache variable that can be
  overridden (caveat emptor). #3549
• Build/security: New CMake cache variable FORTIFY_SOURCE, if enabled,
  builds with the specified gcc _FORTIFY_SOURCE option defined. This may be
  desirable for people deploying OIIO in security-sensitive environments.
  #3575
• CI: testing now includes using undefined behavior sanitizer. #3565
• Windows: protect against OpenEXR thread deadlock on shutdown. #3582
• Windows: Work around a static destruction order issue. #3591
• Windows: define NOGDI to keep the inclusion of windows.h from adding as
  many unneeded symbols. #3596
• MinGW: fix incorrect symbol visibility issue for ImageBuf iterators. #3578
• ARM: improve SIMD operations for ARM NEON. #3599
• Docs: New RELEASING.md documents our releasing procedures. #3564 #3580
• Docs: Better Windows build instructions in INSTALL.md. #3602
• Fix missing OIIO::getattribute support for limits:channels and
  limits:imagesize_MB. #3617
• BMP: fix reading 16bpp images. #3592
• BMP: protect against corrupt pixel coordinates. (TALOS-2022-1630,
  CVE-2022-38143) #3620
• DDS: fix alpha/luminance files, better testing. #3581
• DDS: optimize loading of compressed images, improves 3-5x. #3583 #3584
• DDS: Fix crashes for cubemap files when a cube face was not present, and
  check for invalid bits per pixel. (TALOS-2022-1634, CVE-2022-41838)
  (TALOS-2022-1635, CVE-2022-41999) #3625
• HDR: fix a 8x (!) read performance regression for HDR files that was
  introduced in OIIO in 2.4. #3588 On top of that, speed up by another 4x
  beyond what we ever did before by speeding up the RGBE->float conversion.
  #3590
• PNG: fix memory leaks when errors take an early exit. #3543 #3544
• PSD: fix a PSD read error on ARM architecture. #3589
• PSD: protect against corrupted embedded thumbnails. (TALOS-2022-1626,
  CVE-2022-41794) #3629
• RAW: additional color metadata is now recognized: pre_mul, cam_mul,
  cam_xyz, rgb_cam. #3561 #3569 #3572
• RLA: fix potential buffer overrun. (TALOS-2022-1629, CVE-2022-36354) #3624
• Targa: string overflow safety. (TALOS-2022-1628, CVE-2022-4198) #3622
• TIFF/JPEG/PSD: Fix EXIF bugs where corrupted exif blocks could overrun
  memory. (TALOS-2022-1626, CVE-2022-41794) (TALOS-2022-1632, CVE-2022-41684)
  #3627
• TIFF: guard against corrupt files with buffer overflows. (TALOS-2022-1627,
  CVE-2022-41977) #3628
• TIFF: guard against buffer overflow for certain CMYK files.
  (TALOS-2022-1633, CVE-2022-41639) (TALOS-2022-1643, CVE-2022-41988) #3632