opencolorio - Debian Package Tracker

general

source: opencolorio (main)
version: 2.1.3+dfsg-2
maintainer: Debian PhotoTools Maintainers (archive) (DMD)
uploaders: Matteo F. Vescovi [DMD]
arch: any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.1~dfsg0-7
oldstable: 2.1.2+dfsg1-4
stable: 2.1.3+dfsg-1.2
testing: 2.1.3+dfsg-2
unstable: 2.1.3+dfsg-2
exp: 2.5.1+dfsg-1

versioned links

1.1.1~dfsg0-7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.2+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.3+dfsg-1.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.3+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libopencolorio-dev
libopencolorio2.1t64
opencolorio-tools
python3-pyopencolorio

action needed

Multiarch hinter reports 1 issue(s) high

There are issues with the multiarch metadata for this package.

libopencolorio-dev conflicts on 5 files starting with /usr/share/ on any two of amd64, arm64, armhf, i386, and 3 more

Created: 2016-09-14 Last update: 2026-02-17 19:02

A new upstream version is available: 2.5.1 high

A new upstream version 2.5.1 is available, you should consider packaging it.

Created: 2025-11-27 Last update: 2026-02-17 19:01

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-15506: A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone.

Created: 2026-01-11 Last update: 2026-01-22 17:17

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-15506: A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone.

Created: 2026-01-11 Last update: 2026-01-22 17:17

lintian reports 1 warning high

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2025-01-09 Last update: 2025-08-19 12:31

31 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit f2b535fbecd6c63075126b56ce5d28b5cda7382e
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sun Feb 15 16:35:05 2026 +0100

    debian/changelog: UNRELEASED => experimental
    
    Gbp-Dch: Ignore

commit da07f358802566575f891bcd22597927419aad1e
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sun Feb 15 16:34:37 2026 +0100

    debian/changelog: new entry added
    
    Gbp-Dch: Ignore

commit 5821e7261a82f8d943c2d541b9402f283d4b6bbb
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sun Feb 15 16:33:56 2026 +0100

    debian/copyright: new field added
    
    To conform to DFSG Team request.
    
    Gbp-Dch: Short

commit 16b09da0852aa656f6fbb0e3f0b094aa509e9d87
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sun Feb 15 15:49:10 2026 +0100

    debian/changelog: back to UNRELEASED
    
    To fix late stuff.
    
    Gbp-Dch: Ignore

commit f6572c0db8ea634f73bd90a7badd93371db6546d
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 17:26:33 2026 +0100

    debian/changelog: UNRELEASED => experimental
    
    Gbp--Dch: Ignore

commit cff5b5699c41a528e10ef475d1afe0e772317f14
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 17:25:52 2026 +0100

    debian/changelog: new entry added
    
    Gbp-Dch: Ignore

commit b7a0d4fcc851bf306b5dc05c97dd9ef4569d57f5
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 17:24:42 2026 +0100

    debian/libopencolorio2.5.lintian-overrides: file dropped (useless)

commit 4a7efff9ab7c37f1094d0fe47f3212f4217b0885
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 17:12:11 2026 +0100

    debian/changelog: new entry added and fields wrapped
    
    Gbp-Dch: Ignore

commit f76918feabb6a2a8c5c69e1e88cdf8530cf9c6e5
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 17:10:34 2026 +0100

    debian/python3-pyopencolorio.install: path fixed

commit e2a1e01f19253970d0df3fcdc96b06adaa5ab74e
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:48:29 2026 +0100

    debian/changelog: CVE fixing added
    
    Gbp-Dch: Ignore

commit 331a2520dff736e2ec5e1fb98819597331591b43
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:42:02 2026 +0100

    debian/changelog: new entries added
    
    Gbp-Dch: Ignore

commit c389dab580764eff05a2bc40f96761dd83edd82a
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:39:56 2026 +0100

    debian/control: S-V bump 4.7.2 -> 4.7.3 (no changes needed)

commit 4cf0dedbffe2c99a597e31023941329c702ef04d
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:39:44 2026 +0100

    debian/control: RRR field dropped (obsolete)

commit 3a53e88a3bf3677563f3ce3e930a0b1b8095ae4f
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:39:24 2026 +0100

    debian/control: Priority field dropped (obsolete)

commit 16ef8e281dee147d558b13a7eb4bead710905745
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:36:36 2026 +0100

    debian/changelog: bump version to new upstream release
    
    Gbp-Dch: Ignore

commit 0cacc895ad5c7cecb87aeed4c7c71dac71b7ec24
Merge: f59307f cac316d
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:35:53 2026 +0100

    Update upstream source from tag 'upstream/2.5.1+dfsg'
    
    Update to upstream version '2.5.1+dfsg'
    with Debian dir 9a31f37b42042964032bc6a0a2c632fefd801255

commit cac316d2b79ed573b23bcb0275557e01e8a8830d
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Feb 14 16:35:39 2026 +0100

    New upstream version 2.5.1+dfsg

commit f59307ffd97339a4f3a73c7121652049fe41e662
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 15:39:57 2025 +0100

    debian/changelog: new upstream release entry added
    
    Gbp-Dch: Ignore

commit fabaeb6bb5af9cdeac3bc1c7ae1a76ea9e077cfa
Author: Jordan Justen <jljusten@debian.org>
Date:   Fri Oct 10 00:07:40 2025 -0700

    d/rules: Stop deleting Findyaml-cpp.cmake
    
    Ref: c075bff0 ("Import Debian changes 2.1.2+dfsg1-4.1")
    Signed-off-by: Jordan Justen <jljusten@debian.org>

commit 4c5aa7937375596190040413612dd1222d47e18e
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 15:33:52 2025 +0100

    debian/: SONAME bump 2.1 -> 2.5

commit c97807a40c92cea034fba125856f85930718adc5
Author: Jordan Justen <jljusten@debian.org>
Date:   Fri Oct 3 13:15:20 2025 -0700

    d/patches: Update patches for v2.5.0
    
    Signed-off-by: Jordan Justen <jljusten@debian.org>

commit 6e4d56af21416faff6ddce0d5645ba24780cab1e
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 15:11:45 2025 +0100

    debian/changelog: new release entries added
    
    Gbp-Dch: Ignore

commit 895b609e32df93296bdbb42ef425818a1780845d
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 13:48:56 2025 +0100

    debian/watch: v4 -> v5 switch

commit 3cd7c737ca725a531b5c3d392be509a36d30c03b
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 13:46:49 2025 +0100

    debian/control: S-V bump 4.7.0 -> 4.7.2 (no changes needed)

commit fc64f1e3a5be9bd5c3d1c69c03dd49839c1e9afc
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Wed Sep 11 14:00:17 2024 +0200

    debian/control: strict versioning for pystring added

commit 0628b33def66ff2d0e36b34f29c7a6e6f95d511b
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Wed Sep 11 13:59:45 2024 +0200

    debian/control: libminizip-ng-dev b-dep added

commit 43cb4d4c11f878eb9711ef3a8e6dd26fc5fd7da7
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Apr 27 13:51:49 2024 +0200

    debian/copyright: drop useless entry
    
    Gbp-Dch: Ignore

commit 3c58680788a5225330e3af4557c6b6b752174cb1
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Apr 27 13:51:14 2024 +0200

    debian/control: S-V bump 4.6.1 -> 4.7.0 (no changes needed)

commit 54e01a47063764822297e0e5be486566b81f01e6
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Apr 27 13:39:04 2024 +0200

    debian/control: b-dep switch pkg-config -> pkgconf

commit 02ed470049b88c4f6ccaaba916952466cbd23deb
Merge: bf3143e 0d484d3
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 14:58:57 2025 +0100

    Update upstream source from tag 'upstream/2.5.0+dfsg'
    
    Update to upstream version '2.5.0+dfsg'
    with Debian dir f02ed50c913dbb5f388c9370bd941fd9828ead5d

commit 0d484d314ca743d3e8a22f2996c4e821bc33eec6
Author: Matteo F. Vescovi <mfv@debian.org>
Date:   Sat Nov 8 14:58:43 2025 +0100

    New upstream version 2.5.0+dfsg

Created: 2024-02-03 Last update: 2026-02-17 04:48

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-15506: (needs triaging) A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-01-11 Last update: 2026-01-22 17:17

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-15506: (needs triaging) A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-01-11 Last update: 2026-01-22 17:17

debian/patches: 2 patches to forward upstream low

Among the 3 debian patches available in version 2.1.3+dfsg-2 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-08-26 Last update: 2025-08-19 12:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.3 instead of 4.6.1).

Created: 2022-12-17 Last update: 2025-12-23 20:00

testing migrations

This package will soon be part of the auto-yaml-cpp transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-opencolorio transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2026-02-17] Accepted opencolorio 2.5.1+dfsg-1 (source amd64) into experimental (Debian FTP Masters) (signed by: Matteo F. Vescovi)
[2025-08-25] opencolorio 2.1.3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2025-08-18] Accepted opencolorio 2.1.3+dfsg-2 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2025-01-27] opencolorio 2.1.3+dfsg-1.2 MIGRATED to testing (Debian testing watch)
[2025-01-08] Accepted opencolorio 2.1.3+dfsg-1.2 (source) into unstable (Matthias Klose)
[2024-03-26] opencolorio REMOVED from testing (Debian testing watch)
[2024-02-29] Accepted opencolorio 2.1.3+dfsg-1.1 (source) into unstable (Benjamin Drung)
[2024-02-03] Accepted opencolorio 2.1.3+dfsg-1.1~exp1 (source) into experimental (Lucas Kanashiro)
[2023-09-12] opencolorio 2.1.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2023-09-06] Accepted opencolorio 2.1.3+dfsg-1 (source) into unstable (Matteo F. Vescovi)
[2023-08-31] opencolorio 2.1.2+dfsg1-4.2 MIGRATED to testing (Debian testing watch)
[2023-08-26] Accepted opencolorio 2.1.2+dfsg1-4.2 (source) into unstable (Gianfranco Costamagna)
[2023-08-26] Accepted opencolorio 2.1.2+dfsg1-4.1 (source) into unstable (Gianfranco Costamagna)
[2022-09-04] opencolorio 2.1.2+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2022-08-20] Accepted opencolorio 2.1.2+dfsg1-4 (source) into unstable (Matteo F. Vescovi)
[2022-08-18] Accepted opencolorio 2.1.2+dfsg1-3 (source) into unstable (Matteo F. Vescovi)
[2022-08-17] Accepted opencolorio 2.1.2+dfsg1-2 (source) into experimental (Matteo F. Vescovi)
[2022-08-12] Accepted opencolorio 2.1.2+dfsg1-1 (source amd64) into experimental, experimental (Debian FTP Masters) (signed by: Matteo F. Vescovi)
[2022-03-29] opencolorio REMOVED from testing (Debian testing watch)
[2022-01-03] opencolorio 1.1.1~dfsg0-7.1 MIGRATED to testing (Debian testing watch)
[2021-12-29] Accepted opencolorio 1.1.1~dfsg0-7.1 (source) into unstable (Pino Toscano)
[2020-12-23] opencolorio 1.1.1~dfsg0-7 MIGRATED to testing (Debian testing watch)
[2020-12-17] Accepted opencolorio 1.1.1~dfsg0-7 (source) into unstable (Matteo F. Vescovi)
[2020-03-03] opencolorio 1.1.1~dfsg0-6 MIGRATED to testing (Debian testing watch)
[2020-02-27] Accepted opencolorio 1.1.1~dfsg0-6 (source) into unstable (Matteo F. Vescovi)
[2019-12-13] opencolorio 1.1.1~dfsg0-5 MIGRATED to testing (Debian testing watch)
[2019-12-07] Accepted opencolorio 1.1.1~dfsg0-5 (source) into unstable (Matteo F. Vescovi)
[2019-12-06] Accepted opencolorio 1.1.1~dfsg0-4 (source amd64 all) into unstable, unstable (Matteo F. Vescovi)
[2019-08-11] opencolorio 1.1.1~dfsg0-3 MIGRATED to testing (Debian testing watch)
[2019-08-05] Accepted opencolorio 1.1.1~dfsg0-3 (source) into unstable (Matteo F. Vescovi)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 1)
buildd: logs, exp, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.3+dfsg-2
1 bug