© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
eee2d0b
(Get the code!)
This bug was fixed in the package openexr - 2.2.0-11.1ubuntu1
---------------
openexr (2.2.0-11.1ubuntu1) bionic; urgency=medium
* Merge with Debian unstable (LP: #1742243). Remaining changes:
- Add ppc64el to the archs where to ignore test results.
openexr (2.2.0-11.1) unstable; urgency=high
* Non-maintainer upload.
* Fix CVE-2017-9110, CVE-2017-9112 and CVE-2017-9116.
Brandon Perry discovered that openexr was affected by an integer overflow
vulnerability and missing boundary checks that would allow a remote
attacker to cause a denial of service (application crash) via specially
crafted image files. (Closes: #864078)
-- Nishanth Aravamudan <email address hidden> Tue, 09 Jan 2018 10:49:25 -0800