Information on source package openexr

Available versions

ReleaseVersion
stretch2.2.0-11
stretch (security)2.2.0-11+deb9u2
buster2.2.1-4.1+deb10u1
bullseye2.5.3-2
sid2.5.4-1

Open issues

BugstretchbusterbullseyesidDescription
CVE-2020-16589fixedvulnerable (no DSA)fixedfixedA head-based buffer overflow exists in Academy Software Foundation Ope ...
CVE-2020-16588fixedvulnerable (no DSA)fixedfixedA Null Pointer Deference issue exists in Academy Software Foundation O ...
CVE-2020-16587fixedvulnerable (no DSA)fixedfixedA heap-based buffer overflow vulnerability exists in Academy Software ...

Open unimportant issues

BugstretchbusterbullseyesidDescription
CVE-2018-18444vulnerablevulnerablefixedfixedmakeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bound ...
CVE-2018-18443vulnerablevulnerablefixedfixedOpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/Ilm ...
CVE-2017-14988vulnerablevulnerablevulnerablevulnerable** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2 ...

Resolved issues

BugDescription
CVE-2020-15306An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...
CVE-2020-15305An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...
CVE-2020-15304An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ...
CVE-2020-11765An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ...
CVE-2020-11764An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...
CVE-2020-11763An issue was discovered in OpenEXR before 2.4.1. There is an std::vect ...
CVE-2020-11762An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...
CVE-2020-11761An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...
CVE-2020-11760An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...
CVE-2020-11759An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ...
CVE-2020-11758An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...
CVE-2017-9116In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ...
CVE-2017-9115In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ...
CVE-2017-9114In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...
CVE-2017-9113In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...
CVE-2017-9112In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ...
CVE-2017-9111In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...
CVE-2017-9110In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function ...
CVE-2017-12596In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...
CVE-2009-1722Heap-based buffer overflow in the compression implementation in OpenEX ...
CVE-2009-1721The decompression implementation in the Imf::hufUncompress function in ...
CVE-2009-1720Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-de ...

Security announcements

DSA / DLADescription
DLA-2491-1openexr - security update
DLA-2358-1openexr - security update
DSA-4755-1openexr - security update
DLA-1083-1openexr - security update
DSA-1842-1openexr - several vulnerabilities
Search for package or bug name: Reporting problems