Download
| Alert*
oval:org.secpod.oval:def:704564
openexr is installed oval:org.secpod.oval:def:89000792 openexr is installed oval:org.secpod.oval:def:504337 OpenEXR is installed oval:org.secpod.oval:def:69294 openexr is installed oval:org.secpod.oval:def:69250 openexr is installed oval:org.secpod.oval:def:1801519 openexr is installed oval:org.secpod.oval:def:89003101 This update for openexr fixes the following issues: Security issue fixed: - CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h . - CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp . - CVE-2017-9 ... oval:org.secpod.oval:def:89002174 This update for OpenEXR fixes the following issues: * CVE-2017-9110: In OpenEXR, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. * CVE-2017-9114: In OpenEXR, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the ap ... oval:org.secpod.oval:def:70115 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:62968 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:71250 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:89045567 This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ... oval:org.secpod.oval:def:70323 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:89045541 This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ... oval:org.secpod.oval:def:2000730 In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. oval:org.secpod.oval:def:3301161 SUSE Security Update: Security update for openexr oval:org.secpod.oval:def:89050443 This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier . - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp . - CVE-2020-11763 ... oval:org.secpod.oval:def:89050479 This update for openexr fixes the following issues: - CVE-2020-15304: Fixed a NULL pointer dereference in TiledInputFile:TiledInputFile . - CVE-2020-15305: Fixed a use-after-free in DeepScanLineInputFile:DeepScanLineInputFile . - CVE-2020-15306: Fixed a heap buffer overflow in getChunkOffsetTableSiz ... oval:org.secpod.oval:def:89050511 This update for openexr fixes the following issues: Security issues fixed: - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp . - CVE-2020-16588: Fixed a null pointer deference in generatePreview . - CVE-2020-16589: Fixed a heap-based buffe ... oval:org.secpod.oval:def:121769 OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. oval:org.secpod.oval:def:73580 GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version: accountsservice , webkit2gtk3 . Security Fix: * webkitgtk: type confusion may lead to arbitrary code execution * webkitgtk: use-after-free may lead to arbitr ... oval:org.secpod.oval:def:89047301 This update for openexr fixes the following issues: - CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ . - CVE-2021-3933: Fixed integer-overflow in Imf_3_1:bytesPerDeepLineTable . oval:org.secpod.oval:def:89047601 This update for openexr fixes the following issues: - CVE-2021-45942: Fixed heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute oval:org.secpod.oval:def:88443 Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound reads could lead to a denial of service if a malformed image file is processed. oval:org.secpod.oval:def:73711 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:89047102 This update for openexr fixes the following issues: - Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 [bsc#1187310]: Heap buffer overflow in Imf_3_1:CharPtrIO:readChars oval:org.secpod.oval:def:2000517 OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview. oval:org.secpod.oval:def:2000693 In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code. oval:org.secpod.oval:def:2000692 In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash. oval:org.secpod.oval:def:2001306 In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code. oval:org.secpod.oval:def:2000805 In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. oval:org.secpod.oval:def:2000524 In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact. oval:org.secpod.oval:def:2000336 In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code. oval:org.secpod.oval:def:2001326 In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash. oval:org.secpod.oval:def:1900408 In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function inImfHuf.cpp could cause the application to crash. oval:org.secpod.oval:def:1900404 In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function inImfZip.cpp could cause the application to crash. oval:org.secpod.oval:def:2000825 makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact. oval:org.secpod.oval:def:1900453 In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function inImfHuf.cpp could cause the application to crash. oval:org.secpod.oval:def:59572 openexr: command-line tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:59573 openexr: command-line tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:1900214 In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution;it may result in denial of service or possibly unspecified other impact. oval:org.secpod.oval:def:89000170 This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp . - CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp . - CVE-2020-11758: Fixed an out-of-bounds ... oval:org.secpod.oval:def:205630 OpenEXR is a high dynamic-range image file format developed by Industrial Light. Magic for use in computer imaging applications. This package contains libraries and sample applications for handling the format. Security Fix: * OpenEXR: out-of-bounds read during Huffman uncompression * OpenEXR: std: ... oval:org.secpod.oval:def:1701580 There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability oval:org.secpod.oval:def:89047088 This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ... oval:org.secpod.oval:def:89047332 This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers . - CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers . - CVE-2021-20296: Fixed a Null Pointer dereference in Imf_2_5:hufUncom ... oval:org.secpod.oval:def:19500085 An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t is less than 64 bits. This issue could cause an invalid bytesPerLine and maxBytesPerLine value, which leads to problems with application stability or other attack paths. In ImfChromaticities.cpp routine RGB ... oval:org.secpod.oval:def:2500304 GNOME is the default desktop environment of AlmaLinux. oval:org.secpod.oval:def:89003419 This update for openexr fixes the following issues: - CVE-2017-14988: Fixed a denial of service in Header::readfrom . oval:org.secpod.oval:def:2000879 Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. oval:org.secpod.oval:def:89050899 This update for openexr fixes the following issues: - CVE-2017-14988: Fixed a denial of service in Header::readfrom . |