Oval Definition:oval:org.opensuse.security:def:65197
Revision Date:2020-12-01Version:1
Title:Security update for openexr (Moderate)
Description:

This update for openexr provides the following fix:

Security issues fixed:

- CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier (bsc#1169575). - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp (bsc#1169574). - CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp (bsc#1169576). - CVE-2020-11762: Fixed an out-of-bounds read and write in DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case (bsc#1169549). - CVE-2020-11761: Fixed an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp (bsc#1169578). - CVE-2020-11760: Fixed an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp (bsc#1169580). - CVE-2020-11758: Fixed an out-of-bounds read in ImfOptimizedPixelReading.h (bsc#1169573).

Non-security issue fixed:

- Enable tests when building the package on x86_64. (bsc#1146648)
Family:unixClass:patch
Status:Reference(s):1063412
1095218
1095219
1110949
1112230
1114225
1132350
1146648
1149792
1156651
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1167890
1168930
1169549
1169573
1169574
1169575
1169576
1169578
1169580
1169605
1169786
1169936
CVE-2017-15298
CVE-2018-11233
CVE-2018-11235
CVE-2018-17456
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-19604
CVE-2020-11008
CVE-2020-11758
CVE-2020-11760
CVE-2020-11761
CVE-2020-11762
CVE-2020-11763
CVE-2020-11764
CVE-2020-11765
CVE-2020-5260
SUSE-SU-2020:1121-1
SUSE-SU-2020:1293-1
Platform(s):SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • libIlmImf-2_2-23-2.2.1-3.14 is installed
  • OR libIlmImfUtil-2_2-23-2.2.1-3.14 is installed
  • OR openexr-2.2.1-3.14 is installed
  • OR openexr-devel-2.2.1-3.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • git-2.26.1-3.25 is installed
  • OR git-arch-2.26.1-3.25 is installed
  • OR git-cvs-2.26.1-3.25 is installed
  • OR git-daemon-2.26.1-3.25 is installed
  • OR git-doc-2.26.1-3.25 is installed
  • OR git-email-2.26.1-3.25 is installed
  • OR git-gui-2.26.1-3.25 is installed
  • OR git-svn-2.26.1-3.25 is installed
  • OR git-web-2.26.1-3.25 is installed
  • OR gitk-2.26.1-3.25 is installed
  • BACK