Description
Security update for openexr
This update for openexr fixes the following issues:
- CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ (bsc#1192556).
- CVE-2021-3933: Fixed integer-overflow in Imf_3_1:bytesPerDeepLineTable (bsc#1192498).
Package list
openSUSE Leap 15.3
libIlmImf-2_2-23-2.2.1-3.38.1
libIlmImf-2_2-23-32bit-2.2.1-3.38.1
libIlmImfUtil-2_2-23-2.2.1-3.38.1
libIlmImfUtil-2_2-23-32bit-2.2.1-3.38.1
openexr-2.2.1-3.38.1
openexr-devel-2.2.1-3.38.1
openexr-doc-2.2.1-3.38.1
References
- E-Mail link for openSUSE-SU-2021:3844-1
- SUSE Security Ratings
- SUSE Bug 1192498
- SUSE Bug 1192556
- SUSE CVE CVE-2021-3933 page
- SUSE CVE CVE-2021-3941 page
Description
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths.
Affected products
openSUSE Leap 15.3:libIlmImf-2_2-23-2.2.1-3.38.1
openSUSE Leap 15.3:libIlmImf-2_2-23-32bit-2.2.1-3.38.1
openSUSE Leap 15.3:libIlmImfUtil-2_2-23-2.2.1-3.38.1
openSUSE Leap 15.3:libIlmImfUtil-2_2-23-32bit-2.2.1-3.38.1
References
- CVE-2021-3933
- SUSE Bug 1192498
Description
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR.
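An added example, not OpenEXR's code and not the upstream fix: it checks the two divisors named above (`chroma.white.y` and `d`) before dividing and reports degenerate chromaticities to the caller. The types `Vec2`, `Chroma`, `Scale` and the function `checkedWhiteAndDet` are hypothetical, and the expression for `d` is taken to be the determinant of the three primaries, an assumption since the advisory quotes only the division.

```cpp
#include <cmath>

// Hypothetical stand-ins for the library's 2D vector and chromaticities types.
struct Vec2 { float x, y; };
struct Chroma { Vec2 red, green, blue, white; };

// White-point X/Z for luminance Y, and the divisor d used for the row scales.
struct Scale { float X, Z, d; };

// Returns false instead of dividing when a divisor is zero or a result is
// not finite. 'out' is written only on success.
bool checkedWhiteAndDet(const Chroma &c, float Y, Scale &out)
{
    // Divisor 1: white.y, used for both X and Z.
    if (c.white.y == 0.0f)
        return false;
    float X = c.white.x * Y / c.white.y;
    float Z = (1 - c.white.x - c.white.y) * Y / c.white.y;

    // Divisor 2: d (assumed formula). It is zero when the three primaries
    // are collinear, which a file header can encode.
    float d = c.red.x   * (c.blue.y  - c.green.y) +
              c.blue.x  * (c.green.y - c.red.y) +
              c.green.x * (c.red.y   - c.blue.y);
    if (d == 0.0f)
        return false;

    // A tiny non-zero divisor can still overflow to inf; reject that as well,
    // along with NaN inputs that propagate into the results.
    if (!std::isfinite(X) || !std::isfinite(Z) || !std::isfinite(d))
        return false;

    out = Scale{X, Z, d};
    return true;
}
```

A caller that reads chromaticities from an untrusted file header would treat a `false` return as a malformed file rather than continuing to the `/ d` divisions.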
Affected products
openSUSE Leap 15.3:libIlmImf-2_2-23-2.2.1-3.38.1
openSUSE Leap 15.3:libIlmImf-2_2-23-32bit-2.2.1-3.38.1
openSUSE Leap 15.3:libIlmImfUtil-2_2-23-2.2.1-3.38.1
openSUSE Leap 15.3:libIlmImfUtil-2_2-23-32bit-2.2.1-3.38.1
References
- CVE-2021-3941
- SUSE Bug 1192556