Format: 1.8 Date: Mon, 21 Jun 2021 11:40:58 -0400 Source: openexr Binary: openexr openexr-doc libopenexr-dev libopenexr22 Architecture: amd64 all Version: 2.2.0-11.1ubuntu1.7 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libopenexr-dev - development files for the OpenEXR image library libopenexr22 - runtime files for the OpenEXR image library openexr - command-line tools for the OpenEXR image format openexr-doc - documentation and examples for the OpenEXR image format Changes: openexr (2.2.0-11.1ubuntu1.7) bionic-security; urgency=medium . * SECURITY UPDATE: Heap-buffer-overflow in function readChars - debian/patches/CVE-2021-3598.patch: verify data size in deepscanlines with NO_COMPRESSION in IlmImf/ImfDeepScanLineInputFile.cpp. - CVE-2021-3598 * SECURITY UPDATE: Heap buffer overflow in the rleUncompress function - debian/patches/CVE-2021-3605.patch: detect buffer overflows in IlmImf/ImfRle.cpp. - CVE-2021-3605 * SECURITY UPDATE: null deref in Dwa decompression - debian/patches/CVE-2021-20296.patch: double-check unpackedBuffer created in DWA uncompress in IlmImf/ImfDwaCompressor.cpp. - CVE-2021-20296 * SECURITY UPDATE: heap overflow in DwaCompressor - debian/patches/CVE-2021-23215-pre1.patch: switch over to use compressBound() instead of manually computing headroom for compress() in IlmImf/ImfDwaCompressor.cpp. - debian/patches/CVE-2021-23215.patch: use size_t for DWA buffersize calculation in IlmImf/ImfDwaCompressor.cpp. - CVE-2021-23215 * SECURITY UPDATE: heap overflow in DwaCompressor - debian/patches/CVE-2021-26260.patch: prevent int overflow in buffersize calculation in IlmImf/ImfDwaCompressor.cpp. - CVE-2021-26260 Checksums-Sha1: eacc1b0cef53239377db2f08c20b136216ed6dd9 690732 libopenexr-dev_2.2.0-11.1ubuntu1.7_amd64.deb 0163baa854a3317ea745b37b41e20f169f34ac3e 3927336 libopenexr22-dbgsym_2.2.0-11.1ubuntu1.7_amd64.ddeb 82ba0e0e259de3b7c1af5336c2d7f7d6fa0e16eb 561564 libopenexr22_2.2.0-11.1ubuntu1.7_amd64.deb 781bb4ea67351592d2ade25d11b6c7a717a3f73c 670936 openexr-dbgsym_2.2.0-11.1ubuntu1.7_amd64.ddeb ee927e96b2d693680d3bb36dbe3f17841aa19a62 2310100 openexr-doc_2.2.0-11.1ubuntu1.7_all.deb 32c7ff754e5ac4677e15e6df243cd8ec9426c17f 6853 openexr_2.2.0-11.1ubuntu1.7_amd64.buildinfo da16ab4e2bfc9aaf16f1b941b3e2bb20b9139620 68380 openexr_2.2.0-11.1ubuntu1.7_amd64.deb Checksums-Sha256: 59fbddceb2946b99d22a447ad4ecc2f309d2dc972b444fa967de79fb2fbd8bdb 690732 libopenexr-dev_2.2.0-11.1ubuntu1.7_amd64.deb ce43b87d78f12c8d4ba1126d8664612ec93f571638c026c70804b63c792f5d79 3927336 libopenexr22-dbgsym_2.2.0-11.1ubuntu1.7_amd64.ddeb 32c720579a95691079e35a770438d562ae1cb39451da0d8c8d4a2f8cecd617e0 561564 libopenexr22_2.2.0-11.1ubuntu1.7_amd64.deb 2fad1b433ef72fedcc3d9023a1de1cfcc1c7459a571bd5e6146620c0760a0789 670936 openexr-dbgsym_2.2.0-11.1ubuntu1.7_amd64.ddeb b1307787da3672582c402c977a0a07a4b28ff5e3480c38d6a4b33bd4ab873b17 2310100 openexr-doc_2.2.0-11.1ubuntu1.7_all.deb 03db43616d0be3e839ede61faf05a426751b12c65227bb5f8df693fc55db56cc 6853 openexr_2.2.0-11.1ubuntu1.7_amd64.buildinfo 5b8f7c7e8f2fd4141345357a65c207a61c96634ec53ab8ba865f469bac5a9deb 68380 openexr_2.2.0-11.1ubuntu1.7_amd64.deb Files: 6c61ccf87cfd6eeed4b5feae838136c9 690732 libdevel optional libopenexr-dev_2.2.0-11.1ubuntu1.7_amd64.deb 08d0768af0be325b3886b1b53fb0c817 3927336 debug optional libopenexr22-dbgsym_2.2.0-11.1ubuntu1.7_amd64.ddeb 6bfe2361b64ad22d8aa1b6bc6c88f8be 561564 libs optional libopenexr22_2.2.0-11.1ubuntu1.7_amd64.deb d0c7e80dc34c6353270bb4526d9cfaec 670936 debug optional openexr-dbgsym_2.2.0-11.1ubuntu1.7_amd64.ddeb b2b7264f7bbeea1307f767da58b01176 2310100 doc optional openexr-doc_2.2.0-11.1ubuntu1.7_all.deb dff380f37bae08dbec0fdc8426672078 6853 graphics optional openexr_2.2.0-11.1ubuntu1.7_amd64.buildinfo a9ef7d6b3612990131d4f7a6fe1b8363 68380 graphics optional openexr_2.2.0-11.1ubuntu1.7_amd64.deb Original-Maintainer: Debian PhotoTools Maintainers