Your message dated Fri, 21 Aug 2020 21:19:47 +0000
with message-id <e1k9erv-0009jz...@fasolo.debian.org>
and subject line Bug#959444: fixed in openexr 2.5.3-2
has caused the Debian Bug report #959444,
regarding openexr: CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
959444: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959444
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openexr
Version: 2.3.0-6
Severity: grave
Tags: security upstream
Justification: user security hole

Hi,

The following vulnerabilities were published for openexr, all are
fixed in 2.4.1.

CVE-2020-11758[0]:
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-
| bounds read in ImfOptimizedPixelReading.h.


CVE-2020-11759[1]:
| An issue was discovered in OpenEXR before 2.4.1. Because of integer
| overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and
| readSampleCountForLineBlock, an attacker can write to an out-of-bounds
| pointer.


CVE-2020-11760[2]:
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-
| bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.


CVE-2020-11761[3]:
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-
| bounds read during Huffman uncompression, as demonstrated by
| FastHufDecoder::refill in ImfFastHuf.cpp.


CVE-2020-11762[4]:
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-
| bounds read and write in DwaCompressor::uncompress in
| ImfDwaCompressor.cpp when handling the UNKNOWN compression case.


CVE-2020-11763[5]:
| An issue was discovered in OpenEXR before 2.4.1. There is an
| std::vector out-of-bounds read and write, as demonstrated by
| ImfTileOffsets.cpp.


CVE-2020-11764[6]:
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-
| bounds write in copyIntoFrameBuffer in ImfMisc.cpp.


CVE-2020-11765[7]:
| An issue was discovered in OpenEXR before 2.4.1. There is an off-by-
| one error in use of the ImfXdr.h read function by
| DwaCompressor::Classifier::Classifier, leading to an out-of-bounds
| read.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-11758
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11758
[1] https://security-tracker.debian.org/tracker/CVE-2020-11759
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11759
[2] https://security-tracker.debian.org/tracker/CVE-2020-11760
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11760
[3] https://security-tracker.debian.org/tracker/CVE-2020-11761
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11761
[4] https://security-tracker.debian.org/tracker/CVE-2020-11762
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11762
[5] https://security-tracker.debian.org/tracker/CVE-2020-11763
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11763
[6] https://security-tracker.debian.org/tracker/CVE-2020-11764
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11764
[7] https://security-tracker.debian.org/tracker/CVE-2020-11765
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11765
[8] https://bugs.chromium.org/p/project-zero/issues/detail?id=1987

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: openexr
Source-Version: 2.5.3-2
Done: m...@debian.org (Matteo F. Vescovi)

We believe that the bug you reported is fixed in the latest version of
openexr, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 959...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matteo F. Vescovi <m...@debian.org> (supplier of updated openexr package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 21 Aug 2020 22:56:55 +0200
Source: openexr
Architecture: source
Version: 2.5.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-de...@lists.alioth.debian.org>
Changed-By: Matteo F. Vescovi <m...@debian.org>
Closes: 959444
Changes:
 openexr (2.5.3-2) unstable; urgency=medium
 .
   * Upload to unstable (Closes: #959444)


--- End Message ---