[ubuntu/xenial-security] openexr 2.2.0-10ubuntu2.4 (Accepted)

Marc Deslauriers Tue, 05 Jan 2021 05:22:04 -0800

openexr (2.2.0-10ubuntu2.4) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via heap overflow in chunkOffsetReconstruction
    - debian/patches/CVE-2020-16587.patch: properly check chunk offset in
      IlmImf/ImfMultiPartInputFile.cpp.
    - CVE-2020-16587
  * SECURITY UPDATE: DoS via null pointer dereference
    - debian/patches/CVE-2020-16588.patch: fix logic for 1 pixel high/wide
      preview images in exrmakepreview/makePreview.cpp.
    - CVE-2020-16588
  * SECURITY UPDATE: DoS via heap overflow in writeTileData
    - debian/patches/CVE-2020-16589.patch: validate tile coordinates when
      doing copyPixels in IlmImf/ImfTiledInputFile.cpp.
    - CVE-2020-16589


Date: 2020-12-11 14:14:24.853544+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.4

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] openexr 2.2.0-10ubuntu2.4 (Accepted)

Reply via email to