[Git][security-tracker-team/security-tracker][master] openexr: The complete #873885 upstream fixes were actually later

Adrian Bunk bunk at debian.org
Sun Aug 30 19:12:55 BST 2020 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
44e5e693 by Adrian Bunk at 2020-08-30T21:12:38+03:00
openexr: The complete #873885 upstream fixes were actually later

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -196476,7 +196476,7 @@ CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress fun
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ...)
 	{DSA-4755-1}
-	- openexr 2.2.1-4 (bug #873885)
+	- openexr 2.5.3-2 (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
@@ -196484,7 +196484,7 @@ CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator fu
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in  ...)
 	{DSA-4755-1}
-	- openexr 2.2.1-4 (bug #873885)
+	- openexr 2.5.3-2 (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
@@ -196492,7 +196492,7 @@ CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill functio
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...)
 	{DSA-4755-1}
-	- openexr 2.2.1-4 (low; bug #873885)
+	- openexr 2.5.3-2 (low; bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
@@ -196507,7 +196507,7 @@ CVE-2017-9112 (In OpenEXR 2.2.0, an invalid read of size 1 in the getBits functi
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9111 (In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function  ...)
 	{DSA-4755-1}
-	- openexr 2.2.1-4 (bug #873885)
+	- openexr 2.5.3-2 (bug #873885)
 	[stretch] - openexr <no-dsa> (Minor issue)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44e5e693f0f1a2605e8d76abcf790ab0067cb108

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44e5e693f0f1a2605e8d76abcf790ab0067cb108
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200830/e73cd0c3/attachment.html>

More information about the debian-security-tracker-commits mailing list