Debian Bug report logs -
#986796
CVE-2021-20296 CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVE-2021-3477 CVE-2021-3478 CVE-2021-3479
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
:
Bug#986796
; Package openexr
.
(Mon, 12 Apr 2021 09:27:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
.
(Mon, 12 Apr 2021 09:27:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: openexr
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <team@security.debian.org>
CVE-2021-20296
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
https://github.com/AcademySoftwareFoundation/openexr/commit/b0c63c0b96eb9b0d3998f603e12f9f414fb0d44a
CVE-2021-3479
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25370
https://github.com/AcademySoftwareFoundation/openexr/commit/d80f11f4f55100d007ae80a162bf257ec291612c
https://github.com/AcademySoftwareFoundation/openexr/pull/830
CVE-2021-3478
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27409
https://bugzilla.redhat.com/show_bug.cgi?id=1939160
https://github.com/AcademySoftwareFoundation/openexr/commit/bc88cdb6c97fbf5bc5d11ad8ca55306da931283a
CVE-2021-3477
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
https://bugzilla.redhat.com/show_bug.cgi?id=1939159
https://github.com/AcademySoftwareFoundation/openexr/commit/467be80b75642efbbe6bdace558079f68c16acb1
CVE-2021-3474
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831
https://github.com/AcademySoftwareFoundation/openexr/commit/c3ed4a1db1f39bf4524a644cb2af81dc8cfab33f
CVE-2021-3475
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297
https://github.com/AcademySoftwareFoundation/openexr/commit/2a18ed424a854598c2a20b5dd7e782b436a1e753
CVE-2021-3476
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787
https://github.com/AcademySoftwareFoundation/openexr/commit/eec0dba242bedd2778c973ae4af112107b33d9c9
Cheers,
Moritz
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Mon, 12 Apr 2021 09:39:05 GMT) (full text, mbox, link).
Marked as found in versions openexr/2.5.4-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Mon, 12 Apr 2021 09:39:05 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Tue Apr 13 08:07:32 2021;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.