openexr 2.2.0-11.1ubuntu1.7 source package in Ubuntu

Changelog

openexr (2.2.0-11.1ubuntu1.7) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap-buffer-overflow in function readChars
    - debian/patches/CVE-2021-3598.patch: verify data size in deepscanlines
      with NO_COMPRESSION in IlmImf/ImfDeepScanLineInputFile.cpp.
    - CVE-2021-3598
  * SECURITY UPDATE: Heap buffer overflow in the rleUncompress function
    - debian/patches/CVE-2021-3605.patch: detect buffer overflows in
      IlmImf/ImfRle.cpp.
    - CVE-2021-3605
  * SECURITY UPDATE: null deref in Dwa decompression
    - debian/patches/CVE-2021-20296.patch: double-check unpackedBuffer
      created in DWA uncompress in IlmImf/ImfDwaCompressor.cpp.
    - CVE-2021-20296
  * SECURITY UPDATE: heap overflow in DwaCompressor
    - debian/patches/CVE-2021-23215-pre1.patch: switch over to use
      compressBound() instead of manually computing headroom for compress()
      in IlmImf/ImfDwaCompressor.cpp.
    - debian/patches/CVE-2021-23215.patch: use size_t for DWA buffersize
      calculation in IlmImf/ImfDwaCompressor.cpp.
    - CVE-2021-23215
  * SECURITY UPDATE: heap overflow in DwaCompressor
    - debian/patches/CVE-2021-26260.patch: prevent int overflow in
      buffersize calculation in IlmImf/ImfDwaCompressor.cpp.
    - CVE-2021-26260

 -- Marc Deslauriers <email address hidden>  Mon, 21 Jun 2021 11:40:58 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
graphics
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openexr_2.2.0.orig.tar.gz 13.8 MiB 36a012f6c43213f840ce29a8b182700f6cf6b214bea0d5735594136b44914231
openexr_2.2.0-11.1ubuntu1.7.debian.tar.xz 38.4 KiB f50b917cbdc4b2ed639aee6741a11912fd897c051874e581d12b812c02d93a22
openexr_2.2.0-11.1ubuntu1.7.dsc 2.3 KiB 49961c3993d7c27c2c23eddb2d4b67ebb780eb1e66ac412d90f7b86abfebb1d0

View changes file

Binary packages built by this source

libopenexr-dev: development files for the OpenEXR image library

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains the header files required if you wish to
 compile/develop applications that use OpenEXR libraries.

libopenexr22: runtime files for the OpenEXR image library

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains the following shared library:
    * IlmImf - a library that reads and writes OpenEXR images.

libopenexr22-dbgsym: debug symbols for libopenexr22
openexr: command-line tools for the OpenEXR image format

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains the following tools:
    * exrheader, a utility for dumping header information.
    * exrstdattr, a utility for modifying OpenEXR standard attributes.
    * exrmaketiled, for generating tiled and rip/mipmapped images.
    * exrenvmap, for creating OpenEXR environment maps.
    * exrmakepreview, for creating preview images for OpenEXR files.

openexr-dbgsym: debug symbols for openexr
openexr-doc: documentation and examples for the OpenEXR image format

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains documentation for the format and examples