openSUSE-SU-2022:0062-1

Опубликовано: 12 янв. 2022

Источник: suse-cvrf

Описание

Security update for openexr

This update for openexr fixes the following issues:

CVE-2021-45942: Fixed heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute. (bsc#1194333)

Список пакетов

SUSE Package Hub 15 SP3

cobbler-3.1.2-bp153.2.3.1

cobbler-tests-3.1.2-bp153.2.3.1

cobbler-web-3.1.2-bp153.2.3.1

openSUSE Leap 15.3

cobbler-3.1.2-bp153.2.3.1

cobbler-tests-3.1.2-bp153.2.3.1

cobbler-web-3.1.2-bp153.2.3.1

libIlmImf-2_2-23-2.2.1-3.41.1

libIlmImf-2_2-23-32bit-2.2.1-3.41.1

libIlmImfUtil-2_2-23-2.2.1-3.41.1

libIlmImfUtil-2_2-23-32bit-2.2.1-3.41.1

openexr-2.2.1-3.41.1

openexr-devel-2.2.1-3.41.1

openexr-doc-2.2.1-3.41.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QYJBECOXKL6LM6PP3ZL5EKF4GRPTFTD5/
E-Mail link for openSUSE-SU-2022:0062-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1194333
SUSE Bug 1194333
https://www.suse.com/security/cve/CVE-2021-45942/
SUSE CVE CVE-2021-45942 page

Описание

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

Затронутые продукты

SUSE Package Hub 15 SP3:cobbler-3.1.2-bp153.2.3.1

SUSE Package Hub 15 SP3:cobbler-tests-3.1.2-bp153.2.3.1

SUSE Package Hub 15 SP3:cobbler-web-3.1.2-bp153.2.3.1

openSUSE Leap 15.3:cobbler-3.1.2-bp153.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45942.html
CVE-2021-45942
https://bugzilla.suse.com/1194333
SUSE Bug 1194333

openSUSE-SU-2022:0062-1

Описание

Список пакетов

SUSE Package Hub 15 SP3

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-45942

Описание

Затронутые продукты

Ссылки