Описание
Security update for openexr
This update for openexr fixes the following issues:
- CVE-2021-3474: Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder (bsc#1184174)
- CVE-2021-3475: Integer-overflow in Imf_2_5::calculateNumTiles (bsc#1184173)
- CVE-2021-3476: Undefined-shift in Imf_2_5::unpack14 (bsc#1184172)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.2
Ссылки
- E-Mail link for openSUSE-SU-2021:0536-1
- SUSE Security Ratings
- SUSE Bug 1184172
- SUSE Bug 1184173
- SUSE Bug 1184174
- SUSE CVE CVE-2021-3474 page
- SUSE CVE CVE-2021-3475 page
- SUSE CVE CVE-2021-3476 page
Описание
There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.
Затронутые продукты
Ссылки
- CVE-2021-3474
- SUSE Bug 1184174
Описание
There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.
Затронутые продукты
Ссылки
- CVE-2021-3475
- SUSE Bug 1184173
Описание
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.
Затронутые продукты
Ссылки
- CVE-2021-3476
- SUSE Bug 1184172