Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42 mingw-openexr Security Advisory 2026-0e8fe3c8a3 Remote Code Exec

fedora
Calendar Grey January 26, 2026
Dist Fedora Esm H88
Update to mingw-openexr 3.3.6 resolves security issues like buffer overflows and remote code execution risks.
Update to openexr-3.3.6, fixes multiple security issues.

Summary

MinGW Windows openexr library.

Update Information:

Update to openexr-3.3.6, fixes multiple security issues.

Topics%20covered

Topics Covered

security advisory security issue fedora buffer overflow remote code execution mingw-openexr

Change Log

* Sat Jan 17 2026 Sandro Mani - 3.3.6-1 - Update to 3.3.6 * Sun Aug 10 2025 Sandro Mani - 3.3.5-2 - Rebuild (imath) * Sun Jul 27 2025 Sandro Mani - 3.3.5-1 - Update to 3.3.5 * Thu Jul 24 2025 Fedora Release Engineering - 3.3.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jun 9 2025 Sandro Mani - 3.3.4-1 - Update to 3.3.4 * Fri Mar 28 2025 Sandro Mani - 3.3.3-1 - Update to 3.3.3

References


[ 1 ] Bug #2417239 - CVE-2025-64183 mingw-openexr: use after free in PyObject_StealAttrString [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417239 [ 2 ] Bug #2417242 - CVE-2025-64183 mingw-openexr: use after free in PyObject_StealAttrString [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417242 [ 3 ] Bug #2417985 - CVE-2025-64182 mingw-openexr: buffer overflow in PyOpenEXR_old's channels() and channel() [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417985 [ 4 ] Bug #2417987 - CVE-2025-64182 mingw-openexr: buffer overflow in PyOpenEXR_old's channels() and channel() [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417987 [ 5 ] Bug #2418247 - CVE-2025-64181 mingw-openexr: Use of Uninitialized Memory inside generic_unpack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2418247 [ 6 ] Bug #2418249 - CVE-2025-64181 mingw-openexr: Use of Uninitialized Memory inside generic_unpack [fe...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0e8fe3c8a3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: mingw-openexr
Product: Fedora 42
Version: 3.3.6
Release: 1.fc42
URL: https://openexr.com/en/latest/
Summary: MinGW Windows openexr library

Topics%20covered

Topics Covered

security advisory security issue fedora buffer overflow remote code execution mingw-openexr

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here