[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2017-12596/openexr: reference common 2017-911x patch

Tue Jun 22 22:07:15 BST 2021


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6e9cc77 by Sylvain Beucler at 2021-06-22T23:04:10+02:00
CVE-2017-12596/openexr: reference common 2017-911x patch

- - - - -
d2433469 by Sylvain Beucler at 2021-06-22T23:04:11+02:00
CVE-2017-9114/openexr: fix patch ref
verified with PoC
.../exr2aces id:000132,sig:11,src:000895,op:havoc,rep:32 /dev/null

- - - - -
31e4e15f by Sylvain Beucler at 2021-06-22T23:04:13+02:00
CVE-2020-15304/openexr: reference vulnerable commit

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75857,9 +75857,10 @@ CVE-2020-15304 (An issue was discovered in OpenEXR before 2.5.2. An invalid tile
 	- openexr 2.5.3-2
 	[buster] - openexr <not-affected> (Vulnerable code not present)
 	[stretch] - openexr <not-affected> (Vulnerable code not present)
-	[jessie] - openexr <no-dsa> (Minor issue)
+	[jessie] - openexr <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/727
-	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/36e05c14c612a89c43d4e0b013669ecd7f8e3440
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/36e05c14c612a89c43d4e0b013669ecd7f8e3440 (v3.0.4)
+	NOTE: Introduced by https://github.com/AcademySoftwareFoundation/openexr/commit/e79d2296496a50826a15c667bf92bdc5a05518b4 (v2.4.1)
 CVE-2020-15303
 	RESERVED
 CVE-2020-15302 (In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A0397 ...)
@@ -243067,7 +243068,8 @@ CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer ove
 	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr 1.6.1-6+deb7u1
 	NOTE: https://github.com/openexr/openexr/issues/238
-	NOTE: Upstream fix https://github.com/openexr/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/49db4a4192482eec9c27669f75db144cf5434804 (v2.2.1)
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c (v2.3.0)
 CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dic ...)
 	- qpdf 7.0.0-1
 	[stretch] - qpdf <no-dsa> (Minor issue)
@@ -253473,12 +253475,12 @@ CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator fu
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/401#issuecomment-513721310 (v2.4.0)
 CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in  ...)
 	{DSA-4755-1 DLA-2358-1}
-	- openexr 2.5.3-2 (bug #873885)
+	- openexr 2.2.0-11.1 (bug #873885)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	[wheezy] - openexr <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2017/05/12/5
 	NOTE: https://github.com/openexr/openexr/issues/232
-	NOTE: Same patchset as CVE-2017-9111/9113/9115
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/49db4a4192482eec9c27669f75db144cf5434804 (v2.2.1)
 CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...)
 	{DSA-4755-1 DLA-2358-1}
 	- openexr 2.5.3-2 (low; bug #873885)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ce3a287bdc2afec974877d829a95732670cafe8c...31e4e15f232bfcf0790fa6a742a19c84bc83f9c9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ce3a287bdc2afec974877d829a95732670cafe8c...31e4e15f232bfcf0790fa6a742a19c84bc83f9c9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210622/14dc4acf/attachment.htm>
