OpenEXR (SL7) | Scientific Linux

Synopsis: Moderate: OpenEXR security update
Advisory ID: SLSA-2020:4039-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-11763
CVE-2020-11764
CVE-2020-11761
—

Security Fix(es):

* OpenEXR: out-of-bounds read during Huffman uncompression (CVE-2020-11761)

* OpenEXR: std::vector out-of-bounds read and write in ImfTileOffsets.cpp
(CVE-2020-11763)

* OpenEXR: out-of-bounds write in copyIntoFrameBuffer function in
ImfMisc.cpp (CVE-2020-11764)
—

SL7
x86_64
OpenEXR-libs-1.7.1-8.el7.x86_64.rpm
OpenEXR-libs-1.7.1-8.el7.i686.rpm
OpenEXR-debuginfo-1.7.1-8.el7.i686.rpm
OpenEXR-debuginfo-1.7.1-8.el7.x86_64.rpm
OpenEXR-1.7.1-8.el7.x86_64.rpm
OpenEXR-devel-1.7.1-8.el7.i686.rpm
OpenEXR-devel-1.7.1-8.el7.x86_64.rpm

– Scientific Linux Development Team

SL Security Errata