Описание
Security update for openexr
This update for openexr fixes the following issues:
- CVE-2017-14988: Fixed a denial of service in Header::readfrom() (bsc#1061305).
Список пакетов
Container containers/lmcache-vllm-openai:0
libIlmImf-2_2-23-2.2.1-3.9.2
Container containers/open-webui:0
libIlmImf-2_2-23-2.2.1-3.9.2
Container containers/vllm-openai:0
libIlmImf-2_2-23-2.2.1-3.9.2
Image ai_15_6
libIlmImf-2_2-23-2.2.1-3.9.2
SUSE Linux Enterprise Module for Desktop Applications 15
libIlmImf-2_2-23-2.2.1-3.9.2
libIlmImfUtil-2_2-23-2.2.1-3.9.2
openexr-devel-2.2.1-3.9.2
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
libIlmImf-2_2-23-2.2.1-3.9.2
libIlmImfUtil-2_2-23-2.2.1-3.9.2
openexr-devel-2.2.1-3.9.2
Ссылки
- Link for SUSE-SU-2019:2043-1
- E-Mail link for SUSE-SU-2019:2043-1
- SUSE Security Ratings
- SUSE Bug 1061305
- SUSE CVE CVE-2017-14988 page
Описание
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid
Затронутые продукты
Container containers/lmcache-vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.9.2
Container containers/open-webui:0:libIlmImf-2_2-23-2.2.1-3.9.2
Container containers/vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.9.2
Image ai_15_6:libIlmImf-2_2-23-2.2.1-3.9.2
Ссылки
- CVE-2017-14988
- SUSE Bug 1061305