Publishing details

Changelog

openexr (2.2.0-11.1ubuntu1.4) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via heap overflow in chunkOffsetReconstruction
    - debian/patches/CVE-2020-16587.patch: properly check chunk offset in
      IlmImf/ImfMultiPartInputFile.cpp.
    - CVE-2020-16587
  * SECURITY UPDATE: DoS via null pointer dereference
    - debian/patches/CVE-2020-16588.patch: fix logic for 1 pixel high/wide
      preview images in exrmakepreview/makePreview.cpp.
    - CVE-2020-16588
  * SECURITY UPDATE: DoS via heap overflow in writeTileData
    - debian/patches/CVE-2020-16589.patch: validate tile coordinates when
      doing copyPixels in IlmImf/ImfTiledInputFile.cpp.
    - CVE-2020-16589

 -- Marc Deslauriers <email address hidden>  Fri, 11 Dec 2020 08:26:23 -0500

Available diffs

Builds

Package files