SUSE-SU-2021:14846-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:14846-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:14846-1
- Related
- Published
- 2021-12-01T15:50:02Z
- Modified
- 2021-12-01T15:50:02Z
- Summary
- Security update for OpenEXR
- Details
-
This update for OpenEXR fixes the following issues:
- CVE-2021-20298: Fixed out-of-memory in B44Compressor (bsc#1188460).
- CVE-2021-20300: Fixed integer-overflow in Imf25:hufUncompress (bsc#1188458).
- CVE-2021-20303: Fixed heap-buffer-overflow in Imf25::copyIntoFrameBuffe (bsc#1188457).
- CVE-2021-20304: Fixed undefined-shift in Imf25:hufDecode (bsc#1188461).
- CVE-2021-3941: Fixed divide-by-zero in Imf31:RGBtoXYZ (bsc#1192556).
- References
-
- https://www.suse.com/support/update/announcement/2021/suse-su-202114846-1/
- https://bugzilla.suse.com/1188457
- https://bugzilla.suse.com/1188458
- https://bugzilla.suse.com/1188460
- https://bugzilla.suse.com/1188461
- https://bugzilla.suse.com/1192556
- https://www.suse.com/security/cve/CVE-2021-20298
- https://www.suse.com/security/cve/CVE-2021-20300
- https://www.suse.com/security/cve/CVE-2021-20303
- https://www.suse.com/security/cve/CVE-2021-20304
- https://www.suse.com/security/cve/CVE-2021-3941
Affected packages
SUSE:Linux Enterprise Point of Sale 11 SP3 / OpenEXR
Package
- Name
- OpenEXR
- Purl
- purl:rpm/suse/OpenEXR&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3