SUSE-SU-2020:1293-1 -- SLES openexr, libIlmImf-2_2-23, libIlmImfUtil-2_2-23ID: oval:org.secpod.oval:def:89050443 | Date: (C)2023-10-10 (M)2023-10-10 |
Class: PATCH | Family: unix |
This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier . - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp . - CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp . - CVE-2020-11762: Fixed an out-of-bounds read and write in DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case . - CVE-2020-11761: Fixed an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp . - CVE-2020-11760: Fixed an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp . - CVE-2020-11758: Fixed an out-of-bounds read in ImfOptimizedPixelReading.h . Non-security issue fixed: - Enable tests when building the package on x86_64
Platform: |
SUSE Linux Enterprise Desktop 15 SP1 |
Product: |
openexr |
libIlmImf-2_2-23 |
libIlmImfUtil-2_2-23 |