Описание
Security update for openexr
This update for openexr fixes the following issues:
- CVE-2020-15304: Fixed a NULL pointer dereference in TiledInputFile:TiledInputFile() (bsc#1173466).
- CVE-2020-15305: Fixed a use-after-free in DeepScanLineInputFile:DeepScanLineInputFile() (bsc#1173467).
- CVE-2020-15306: Fixed a heap buffer overflow in getChunkOffsetTableSize() (bsc#1173469).
Список пакетов
Container containers/lmcache-vllm-openai:0
libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/open-webui:0
libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/vllm-openai:0
libIlmImf-2_2-23-2.2.1-3.18.1
Image ai_15_6
libIlmImf-2_2-23-2.2.1-3.18.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
libIlmImf-2_2-23-2.2.1-3.18.1
libIlmImfUtil-2_2-23-2.2.1-3.18.1
openexr-devel-2.2.1-3.18.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
libIlmImf-2_2-23-2.2.1-3.18.1
libIlmImfUtil-2_2-23-2.2.1-3.18.1
openexr-devel-2.2.1-3.18.1
Ссылки
- Link for SUSE-SU-2020:1931-1
- E-Mail link for SUSE-SU-2020:1931-1
- SUSE Security Ratings
- SUSE Bug 1173466
- SUSE Bug 1173467
- SUSE Bug 1173469
- SUSE CVE CVE-2020-15304 page
- SUSE CVE CVE-2020-15305 page
- SUSE CVE CVE-2020-15306 page
Описание
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.
Затронутые продукты
Container containers/lmcache-vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/open-webui:0:libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.18.1
Image ai_15_6:libIlmImf-2_2-23-2.2.1-3.18.1
Ссылки
- CVE-2020-15304
- SUSE Bug 1173466
Описание
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
Затронутые продукты
Container containers/lmcache-vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/open-webui:0:libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.18.1
Image ai_15_6:libIlmImf-2_2-23-2.2.1-3.18.1
Ссылки
- CVE-2020-15305
- SUSE Bug 1173467
Описание
An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
Затронутые продукты
Container containers/lmcache-vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/open-webui:0:libIlmImf-2_2-23-2.2.1-3.18.1
Container containers/vllm-openai:0:libIlmImf-2_2-23-2.2.1-3.18.1
Image ai_15_6:libIlmImf-2_2-23-2.2.1-3.18.1
Ссылки
- CVE-2020-15306
- SUSE Bug 1173469