| Revision Date: | 2020-05-18 | Version: | 1 |
| Title: | Security update for openexr (Moderate) |
| Description: |
This update for openexr provides the following fix:
Security issues fixed:
- CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier (bsc#1169575). - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp (bsc#1169574). - CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp (bsc#1169576). - CVE-2020-11762: Fixed an out-of-bounds read and write in DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case (bsc#1169549). - CVE-2020-11761: Fixed an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp (bsc#1169578). - CVE-2020-11760: Fixed an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp (bsc#1169580). - CVE-2020-11758: Fixed an out-of-bounds read in ImfOptimizedPixelReading.h (bsc#1169573).
Non-security issue fixed:
- Enable tests when building the package on x86_64. (bsc#1146648)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1146648
1169549
1169573
1169574
1169575
1169576
1169578
1169580
CVE-2020-11758
CVE-2020-11760
CVE-2020-11761
CVE-2020-11762
CVE-2020-11763
CVE-2020-11764
CVE-2020-11765
SUSE-SU-2020:1293-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information
libIlmImf-2_2-23-2.2.1-3.14.1 is installed
OR libIlmImfUtil-2_2-23-2.2.1-3.14.1 is installed
OR openexr-devel-2.2.1-3.14.1 is installed
|