Oval Definition:oval:org.opensuse.security:def:85067
Revision Date:2018-03-02Version:1
Title:Security update for openexr (Moderate)
Description:

This update for openexr fixes the following issues:

CVE-2017-9110: In OpenEXR, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. (bsc#1040107) * CVE-2017-9114: In OpenEXR, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. (bsc#1040114) * CVE-2017-12596: In OpenEXR, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it could have resulted in denial of service or possibly unspecified other impact. (bsc#1052522)
Family:unixClass:patch
Status:Reference(s):1040107
1040114
1052522
CVE-2017-12596
CVE-2017-9110
CVE-2017-9114
SUSE-SU-2018:0585-1
Platform(s):SUSE Linux Enterprise Server 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libIlmImf-Imf_2_1-21-2.1.0-6.3.1 is installed
  • OR openexr-2.1.0-6.3.1 is installed
    • BACK