Updated OpenEXR packages fix security vulnerability
Publication date: 03 Jan 2018Type: security
Affected Mageia releases : 5
CVE: CVE-2017-9110 , CVE-2017-9112 , CVE-2017-9116
Description
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash (CVE-2017-9110). In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash (CVE-2017-9112). In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash (CVE-2017-9116).
References
SRPMS
5/core
- OpenEXR-2.2.0-4.1.mga5