Accepted openexr 2.2.0-11+deb9u4 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 30 Jul 2021 20:59:52 +0200
Source: openexr
Binary: openexr openexr-doc libopenexr-dev libopenexr22
Architecture: source
Version: 2.2.0-11+deb9u4
Distribution: stretch-security
Urgency: high
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
libopenexr-dev - development files for the OpenEXR image library
libopenexr22 - runtime files for the OpenEXR image library
openexr - command-line tools for the OpenEXR image format
openexr-doc - documentation and examples for the OpenEXR image format
Changes:
openexr (2.2.0-11+deb9u4) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2021-3605: heap buffer overflow in the rleUncompress function.
* CVE-2021-20299: null-dereference READ when reading files with no parts/headers.
* CVE-2021-20300: integer-overflow in Imf_2_5::hufUncompress.
* CVE-2021-20302: floating-point-exception in
Imf_2_5::precalculateTileInfot.
* CVE-2021-20303: heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer.
Checksums-Sha1:
b4ddf4fc51c93024980e50d31141d9bd80088bea 2308 openexr_2.2.0-11+deb9u4.dsc
726b64a4a1873a5cdfa04c6b3eb73014533b15b9 36628 openexr_2.2.0-11+deb9u4.debian.tar.xz
b0973a135a51d8ccbc38b56def5206fdd1f37c21 6916 openexr_2.2.0-11+deb9u4_amd64.buildinfo
Checksums-Sha256:
7130e6cc84de8f3d4f8fb1a32583162df133615654a9b0aa5f6f5c02eab0d1b5 2308 openexr_2.2.0-11+deb9u4.dsc
98e32884bf15a95774d3f752b9c8de3e8ff1998b3473b5bb15490a71729fe58c 36628 openexr_2.2.0-11+deb9u4.debian.tar.xz
7747d2ef35f214ee644ab34c0b7f35be76c45d10556716894bf55cfcfdbea887 6916 openexr_2.2.0-11+deb9u4_amd64.buildinfo
Files:
e6b9ea8aeee683eaa11b6a92cdf9385d 2308 graphics optional openexr_2.2.0-11+deb9u4.dsc
ddda68d5ee97216fcf8e0f5d8c80a6e9 36628 graphics optional openexr_2.2.0-11+deb9u4.debian.tar.xz
35f55ae487bd39f8bf79fb2e4470a789 6916 graphics optional openexr_2.2.0-11+deb9u4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmEKzzQACgkQDTl9HeUl
XjD6fQ/+NJ38h1eqv7aZvpQKNSihy/dj6SnIwBCLR6uxdNhosqaYHhkXgjFBCWv2
10/wKIbEFAUtDcVB3DR4FKUVz9L4lgWuwQyMyOOCb4cbo7XnwqFyXlorr4qtLteM
S3kIy483il7ylMDOP5QRK9/do1cTetmFtAQfdW0YLFKP5Fekp2rL80kYHreXuXum
FRYBW3XZ27X3+MPgCbYTpd2QWPeZQ4jSAy1tzAKY780D2rBSi8YtarL2JQSq0F7X
6D9AoL1yv3Vo7ZwtS+1kLig6oipdiSgWZGT7nYDRIOLc7Ptmb+9lHXlpWkzUaOyH
n60Vq9WMUVFuMIObm0JZk+7iVir/YTJ/McoiOq2Y8D3446YPaU0iHQXDI1UC4SdC
L7D0sfPr9RryGcMvKpMVzYC/ruhWD7S2JZ4YRj6RSy2TZI2sH6HiMpeqqukkNi/y
2qsbNvm7IUQZtQ/05OaXaRtyVZf/BgoSDcU7uNloKgU4oqx70joKX/LfUkevbqDb
0v2uHhmlD+ci752Pzu/ReXSTg6lZwTUEfW/hcLUgXrTnnvFy4cpE6kky1pgNq+8g
UNccdF0B/G8ww85Ecyf/mmmxkPv8asxzlywQOX0N3uq9qvg+1ReFKc9+VVs7HF6p
FcTx643l6YX1Q+JBafFlUlcwepXklShMkDDdB3NM/fk+a7ETvow=
=qBmF
-----END PGP SIGNATURE-----