Bug#1123963: openexr: CVE-2025-12839 CVE-2025-128340
Salvatore Bonaccorso
carnil at debian.org
Tue Dec 30 11:39:04 GMT 2025
Control: retitle -1 openexr: CVE-2025-12495 CVE-2025-12839 CVE-2025-128340
Hi,
On Thu, Dec 25, 2025 at 08:44:46AM +0100, Salvatore Bonaccorso wrote:
> Source: openexr
> Version: 3.1.13-2
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
>
> Hi,
>
> The following vulnerabilities were published for openexr.
>
> The information found so far is unfortunately very light, the ZDI
> advisory only add that they are fixed in the v3.4.3 release, cf. [2].
According to https://www.zerodayinitiative.com/advisories/ZDI-25-989/,
CVE-2025-12495 is as well covered by that upstream release.
Regards,
Salvatore
More information about the Pkg-phototools-devel
mailing list