Ubuntu
openexr package

openexr 1.2.2-4.4ubuntu1.1 source package in Ubuntu

Changelog

openexr (1.2.2-4.4ubuntu1.1) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    multiple integer overflows
    - debian/patches/02-security-CVE-2009-1720.patch: make sure we don't
      overflow INT_MAX in IlmImf/{ImfPizCompressor,ImfPreviewImage,
      ImfPxr24Compressor,ImfRleCompressor,ImfZipCompressor}.cpp.
    - CVE-2009-1720
  * SECURITY UPDATE: denial of service and possible code execution via
    uninitialized pointer free in Imf::hufUncompress
    - debian/patches/03-security-CVE-2009-1721.patch: introduce
      hufClearDecTable function and use it to clear out hdec, add error
      checking to IlmImf/ImfHuf.cpp.
    - CVE-2009-1721
  * SECURITY UPDATE: denial of service and possible code execution via
    buffer overflow in the compression implementation
    - debian/patches/04-security-CVE-2009-1722.patch: validate maximum
      image and tile sizes in IlmImf/ImfHeader.cpp, IlmImf/ImfHeader.h,
      IlmImf/ImfPizCompressor.cpp.
    - CVE-2009-1722

 -- Marc Deslauriers <email address hidden>   Thu, 10 Sep 2009 08:24:15 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
graphics
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openexr_1.2.2.orig.tar.gz 8.9 MiB 77e6e93cb40d5f6d69b26c05ca9738cdcc3978753e0053c9115026d7adaefc8d
openexr_1.2.2-4.4ubuntu1.1.diff.gz 14.2 KiB d61d706c0c86498b0c454676a834506ec88573f3202b4b30e6ec5d926ec751c9
openexr_1.2.2-4.4ubuntu1.1.dsc 854 bytes 1388572dca261f27c665b68bffc3ec3654cc8ac84dd8ffdc930ed92465fe2091

View changes file

Binary packages built by this source

libopenexr-dev: No summary available for libopenexr-dev in ubuntu hardy.

No description available for libopenexr-dev in ubuntu hardy.

libopenexr2ldbl: No summary available for libopenexr2ldbl in ubuntu hardy.

No description available for libopenexr2ldbl in ubuntu hardy.

openexr: No summary available for openexr in ubuntu hardy.

No description available for openexr in ubuntu hardy.