Source: openexr X-Debbugs-CC: [email protected] Severity: grave Tags: security
Hi, The following vulnerabilities were published for openexr. CVE-2021-3933[0]: | An integer overflow could occur when OpenEXR processes a crafted file | on systems where size_t < 64 bits. This could cause an invalid | bytesPerLine and maxBytesPerLine value, which could lead to problems | with application stability or lead to other attack paths. https://bugzilla.redhat.com/show_bug.cgi?id=2019783 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38912 Fixed by: https://github.com/AcademySoftwareFoundation/openexr/commit/5a0adf1aba7d41c6b94ba167c0c4308d2eecfd17 CVE-2021-3941[1]: | In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division | operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * | Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the | divisor is not checked for a 0 value. A specially crafted file could | trigger a divide-by-zero condition which could affect the availability | of programs linked with OpenEXR. https://bugzilla.redhat.com/show_bug.cgi?id=2019789 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39084 https://github.com/AcademySoftwareFoundation/openexr/pull/1153 Fixed by: https://github.com/AcademySoftwareFoundation/openexr/commit/a0cfa81153b2464b864c5fe39a53cb03339092ed CVE-2021-45942[2]: | OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in | Imf_3_1::LineCompositeTask::execute (called from | IlmThread_3_1::NullThreadPoolProvider::addTask and | IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be | inapplicable. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416 https://github.com/AcademySoftwareFoundation/openexr/pull/1209 https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3933 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3933 [1] https://security-tracker.debian.org/tracker/CVE-2021-3941 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3941 [2] https://security-tracker.debian.org/tracker/CVE-2021-45942 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45942 Please adjust the affected versions in the BTS as needed. -- Pkg-phototools-devel mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-phototools-devel
