Univention Bugzilla – Bug 52111
(ES 4.3) openexr
Last modified: 2020-11-30 12:40:02 CET
Provide openexr version 2.2.0-11+deb9u1 for UCS 4.3

First imported at bug #51931

This update addresses the following issues:
* Out-of-bounds read in the hufDecode function (CVE-2017-9110)
* Out-of-bounds write in the storeSSE function (CVE-2017-9111)
* Out-of-bounds read in the getBits function (CVE-2017-9112)
* Out-of-bounds write in the bufferedReadPixels function (CVE-2017-9113)
* Out-of-bounds read in the refill function (CVE-2017-9114)
* Out-of-bounds write in the = operator function (CVE-2017-9115)
* Out-of-bounds read in the uncompress function (CVE-2017-9116)
* heap-based buffer over-read in hufDecode function (CVE-2017-12596)
* out-of-bounds read in ImfOptimizedPixelReading.h (CVE-2020-11758)
* out-of-bounds write due to integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock (CVE-2020-11759)
* out-of-bounds read during RLE uncompression in rleUncompress function in ImfRle.cpp (CVE-2020-11760)
* out-of-bounds read during Huffman uncompression (CVE-2020-11761)
* out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp (CVE-2020-11762)
* std::vector out-of-bounds read and write in ImfTileOffsets.cpp (CVE-2020-11763)
* out-of-bounds write in copyIntoFrameBuffer function in ImfMisc.cpp (CVE-2020-11764)
* off-by-one error in ImfXdr.h read function by DwaCompressor::Classifier::Classifier leading to an out-of-bounds read (CVE-2020-11765)
* Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp (CVE-2020-15305)
* Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp (CVE-2020-15306)
openexr:
  Installiert: 2.2.0-11+deb9u1
  Installationskandidat: 2.2.0-11+deb9u1
  Versionstabelle:
 *** 2.2.0-11+deb9u1 500
        500 http://192.168.0.10/build2 ucs_4.3-0-extsec4.3/amd64/ Packages
CLOSED: Released as extsec4.3 update