Lucene search
SuseOPENSUSE-SU-2021:0670-1HistoryMay 05, 2021 - 12:00 a.m.
Security update for openexr (important)
2021-05-0500:00:00
lists.opensuse.org
17
openexr
security update
vulnerabilities
integer-overflow
null pointer
heap buffer overflow
out-of-memory
suse:sle-15:update
patch management
EPSS
0.001
Percentile
48.6%
An update that fixes 5 vulnerabilities is now available.
Description:
This update for openexr fixes the following issues:
- CVE-2021-23215: Fixed an integer-overflow in
Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185216). - CVE-2021-26260: Fixed an Integer-overflow in
Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185217). - CVE-2021-20296: Fixed a Null Pointer dereference in
Imf_2_5:hufUncompress (bsc#1184355). - CVE-2021-3477: Fixed a Heap-buffer-overflow in
Imf_2_5::DeepTiledInputFile::readPixelSampleCounts (bsc#1184353). - CVE-2021-3479: Fixed an Out-of-memory caused by allocation of a very
large buffer (bsc#1184354).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-670=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | i586 | < - openSUSE Leap 15.2 (i586 x86_64): | - openSUSE Leap 15.2 (i586 x86_64):.i586.rpm | |
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (i586 x86_64): | - openSUSE Leap 15.2 (i586 x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm |
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2021:1489-1)
2021-05-05 00:00:00
openSUSE Security Update : openexr (openSUSE-2021-670)
2021-05-18 00:00:00
Ubuntu 18.04 LTS : OpenEXR vulnerabilities (USN-4996-1)
2021-06-22 00:00:00
openvas
openvas
openSUSE: Security Advisory for openexr (openSUSE-SU-2021:0670-1)
2021-05-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1489-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-4996-1)
2021-06-23 00:00:00
osv
osv
CVE-2021-26260
2021-06-08 12:15:10
openexr vulnerabilities
2021-06-22 11:09:05
openexr vulnerabilities
2021-06-22 11:46:27
veracode
veracode
Denial Of Service (DoS)
2021-07-11 10:12:19
Denial Of Service (DoS)
2021-07-10 18:13:05
Denial Of Service (DoS)
2021-04-05 07:36:12
debiancve
debiancve
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
nvd
nvd
prion
prion
Integer overflow
2021-06-08 12:15:00
Null pointer dereference
2021-04-01 14:15:00
Integer overflow
2021-06-08 12:15:00
alpinelinux
alpinelinux
cloudfoundry
cloudfoundry
USN-4996-1: OpenEXR vulnerabilities | Cloud Foundry
2021-07-08 00:00:00
USN-4900-1: OpenEXR vulnerabilities | Cloud Foundry
2021-04-29 00:00:00
ubuntu
ubuntu
OpenEXR vulnerabilities
2021-06-22 00:00:00
OpenEXR vulnerabilities
2021-06-22 00:00:00
OpenEXR vulnerabilities
2022-09-20 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-OpenEXR-2.4.1-4.fc33
2021-05-10 01:09:02
debian
debian
[SECURITY] [DLA 2701-1] openexr security update
2021-07-03 18:16:01
[SECURITY] [DSA 5299-1] openexr security update
2022-12-10 16:27:46
[SECURITY] [DLA 3236-1] openexr security update
2022-12-11 23:52:53
mageia
mageia
Updated openexr packages fix security vulnerabilities
2021-07-10 15:56:54
freebsd
freebsd
openexr, ilmbase -- security fixes related to reading corrupted input files
2021-02-12 00:00:00
redhatcve
redhatcve
cnvd
cnvd
OpenEXR DwaCompressor Heap Buffer Overflow Vulnerability
2021-05-07 00:00:00
OpenEXR DwaCompressor Heap Buffer Overflow Vulnerability (CNVD-2021-53912)
2021-05-07 00:00:00
amazon
amazon
Medium: OpenEXR
2023-08-31 22:30:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2247
2023-10-17 12:52:56
Advisory ROSA-SA-2023-2248
2023-10-17 12:58:34
gentoo
gentoo
OpenEXR: Multiple vulnerabilities
2021-07-11 00:00:00