Information on source package openexr

Available versions

ReleaseVersion
wheezy1.6.1-6
wheezy (security)1.6.1-6+deb7u1
jessie1.6.1-8
stretch2.2.0-11
buster2.2.1-4
sid2.2.1-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9116fixedvulnerablevulnerablefixedfixedIn OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ...
CVE-2017-9115vulnerable (no DSA)vulnerablevulnerablevulnerablevulnerableIn OpenEXR 2.2.0, an invalid write of size 2 in the = operator function ...
CVE-2017-9114vulnerable (no DSA)vulnerablevulnerablevulnerablevulnerableIn OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...
CVE-2017-9113vulnerable (no DSA)vulnerablevulnerablevulnerablevulnerableIn OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...
CVE-2017-9112fixedvulnerablevulnerablefixedfixedIn OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ...
CVE-2017-9111vulnerable (no DSA)vulnerablevulnerablevulnerablevulnerableIn OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...
CVE-2017-9110fixedvulnerablevulnerablefixedfixedIn OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function ...
CVE-2017-14988vulnerable (no DSA, postponed)vulnerablevulnerablevulnerablevulnerableHeader::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote ...
CVE-2017-12596fixedvulnerablevulnerablefixedfixedIn OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...

Resolved issues

BugDescription
CVE-2009-1722Heap-based buffer overflow in the compression implementation in ...
CVE-2009-1721The decompression implementation in the Imf::hufUncompress function in ...
CVE-2009-1720Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow ...

Security announcements

DSA / DLADescription
DLA-1083-1openexr - security update
DSA-1842-1openexr - several vulnerabilities
DSA-1842-1openexr - several vulnerabilities
Search for package or bug name: Reporting problems