openexr (2.2.0-10ubuntu2.4) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via heap overflow in chunkOffsetReconstruction
- debian/patches/CVE-2020-16587.patch: properly check chunk offset in
IlmImf/ImfMultiPartInputFile.cpp.
- CVE-2020-16587
* SECURITY UPDATE: DoS via null pointer dereference
- debian/patches/CVE-2020-16588.patch: fix logic for 1 pixel high/wide
preview images in exrmakepreview/makePreview.cpp.
- CVE-2020-16588
* SECURITY UPDATE: DoS via heap overflow in writeTileData
- debian/patches/CVE-2020-16589.patch: validate tile coordinates when
doing copyPixels in IlmImf/ImfTiledInputFile.cpp.
- CVE-2020-16589
Date: 2020-12-11 14:14:24.853544+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.4
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes