Download
| Alert*
oval:org.secpod.oval:def:89045057
This update for OpenEXR fixes the following issues: - Fixed CVE-2021-3479 [bsc#1184354]: Out-of-memory caused by allocation of a very large buffer - Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function oval:org.secpod.oval:def:89045085 This update for openexr fixes the following issues: - Fixed CVE-2021-3479 [bsc#1184354]: Out-of-memory caused by allocation of a very large buffer - Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 [bsc#1187310]: Heap buffer overflow in Imf_ ... oval:org.secpod.oval:def:71250 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:705952 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:1701580 There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability oval:org.secpod.oval:def:89047332 This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers . - CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers . - CVE-2021-20296: Fixed a Null Pointer dereference in Imf_2_5:hufUncom ... |