Format: 1.8 Date: Mon, 21 Jun 2021 11:40:58 -0400 Source: openexr Binary: openexr openexr-doc libopenexr-dev libopenexr22 Architecture: s390x Version: 2.2.0-11.1ubuntu1.7 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libopenexr-dev - development files for the OpenEXR image library libopenexr22 - runtime files for the OpenEXR image library openexr - command-line tools for the OpenEXR image format openexr-doc - documentation and examples for the OpenEXR image format Changes: openexr (2.2.0-11.1ubuntu1.7) bionic-security; urgency=medium . * SECURITY UPDATE: Heap-buffer-overflow in function readChars - debian/patches/CVE-2021-3598.patch: verify data size in deepscanlines with NO_COMPRESSION in IlmImf/ImfDeepScanLineInputFile.cpp. - CVE-2021-3598 * SECURITY UPDATE: Heap buffer overflow in the rleUncompress function - debian/patches/CVE-2021-3605.patch: detect buffer overflows in IlmImf/ImfRle.cpp. - CVE-2021-3605 * SECURITY UPDATE: null deref in Dwa decompression - debian/patches/CVE-2021-20296.patch: double-check unpackedBuffer created in DWA uncompress in IlmImf/ImfDwaCompressor.cpp. - CVE-2021-20296 * SECURITY UPDATE: heap overflow in DwaCompressor - debian/patches/CVE-2021-23215-pre1.patch: switch over to use compressBound() instead of manually computing headroom for compress() in IlmImf/ImfDwaCompressor.cpp. - debian/patches/CVE-2021-23215.patch: use size_t for DWA buffersize calculation in IlmImf/ImfDwaCompressor.cpp. - CVE-2021-23215 * SECURITY UPDATE: heap overflow in DwaCompressor - debian/patches/CVE-2021-26260.patch: prevent int overflow in buffersize calculation in IlmImf/ImfDwaCompressor.cpp. - CVE-2021-26260 Checksums-Sha1: af9ae30905381731d05199383f927d1849a6a14d 665880 libopenexr-dev_2.2.0-11.1ubuntu1.7_s390x.deb 085fa00fb0dc8de7e2abf57dc68dcbcc244d5374 4034116 libopenexr22-dbgsym_2.2.0-11.1ubuntu1.7_s390x.ddeb 98555db14edeb43cfc85e99236de9a81eadad961 557712 libopenexr22_2.2.0-11.1ubuntu1.7_s390x.deb 9b3cf30b65eab78f89c9079cc176ffa3361bffb4 691812 openexr-dbgsym_2.2.0-11.1ubuntu1.7_s390x.ddeb af5319cccfc8eb98327019f4b2339b4942e2327d 6376 openexr_2.2.0-11.1ubuntu1.7_s390x.buildinfo e9bdb38bc1d54dcd663883ed59eecd5de29bbe6e 62404 openexr_2.2.0-11.1ubuntu1.7_s390x.deb Checksums-Sha256: 616a29eac3481e1ab84b53ab278e88c19b242d35d22990ce750eb45058582dfb 665880 libopenexr-dev_2.2.0-11.1ubuntu1.7_s390x.deb d18dae86e292500a44cafb4115087e6d928c382831f97489ee5f7944d562c7d2 4034116 libopenexr22-dbgsym_2.2.0-11.1ubuntu1.7_s390x.ddeb c3707f533743c8a1999399fb52367acf65913a30ac03295e09be20b4920aa465 557712 libopenexr22_2.2.0-11.1ubuntu1.7_s390x.deb e58f3a46b193a3782989637a749bdee2bc0d2a6b40f73b66b840ae494fc7c26b 691812 openexr-dbgsym_2.2.0-11.1ubuntu1.7_s390x.ddeb 8bd24c6623c365040ba277d22cd4a443dd608c8d314428770e2dd7e1502c8cab 6376 openexr_2.2.0-11.1ubuntu1.7_s390x.buildinfo cfc05c47e5359ea42946761ed02dc155b0afa7dc81e42c996600e0f5f6d1702b 62404 openexr_2.2.0-11.1ubuntu1.7_s390x.deb Files: 8516c9d6a9cac7af39c65f05cbf290c9 665880 libdevel optional libopenexr-dev_2.2.0-11.1ubuntu1.7_s390x.deb 3f6268aee51916004ac712f1c654a55f 4034116 debug optional libopenexr22-dbgsym_2.2.0-11.1ubuntu1.7_s390x.ddeb e59f2fd2784233218fb3dffcca88236c 557712 libs optional libopenexr22_2.2.0-11.1ubuntu1.7_s390x.deb b889eb73959f7d58f9408bfde8999d81 691812 debug optional openexr-dbgsym_2.2.0-11.1ubuntu1.7_s390x.ddeb 13ecaeb1109bb0dbec51d272e7c32d80 6376 graphics optional openexr_2.2.0-11.1ubuntu1.7_s390x.buildinfo 45fb041846041f242b0a453bf3a4317d 62404 graphics optional openexr_2.2.0-11.1ubuntu1.7_s390x.deb Original-Maintainer: Debian PhotoTools Maintainers