MGASA-2020-0189 - Updated openexr packages fix security vulnerabilities

Publication date: 05 May 2020
URL: https://advisories.mageia.org/MGASA-2020-0189.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-11758,
     CVE-2020-11759,
     CVE-2020-11760,
     CVE-2020-11761,
     CVE-2020-11762,
     CVE-2020-11763,
     CVE-2020-11764,
     CVE-2020-11765

The updated packages fix security vulnerabilities:

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds
read in ImfOptimizedPixelReading.h. (CVE-2020-11758)

An issue was discovered in OpenEXR before 2.4.1. Because of integer
overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and
readSampleCountForLineBlock, an attacker can write to an out-of-bounds
pointer. (CVE-2020-11759)

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds
read during RLE uncompression in rleUncompress in ImfRle.cpp.
(CVE-2020-11760)

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds
read during Huffman uncompression, as demonstrated by FastHufDecoder::refill
in ImfFastHuf.cpp. (CVE-2020-11761)

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds
read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when
handling the UNKNOWN compression case. (CVE-2020-11762)

An issue was discovered in OpenEXR before 2.4.1. There is an std::vector
out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
(CVE-2020-11763)

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds
write in copyIntoFrameBuffer in ImfMisc.cpp. (CVE-2020-11764)

An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error
in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier,
leading to an out-of-bounds read. (CVE-2020-11765)

References:
- https://bugs.mageia.org/show_bug.cgi?id=26551
- https://usn.ubuntu.com/4339-1/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11758
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11759
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11760
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11761
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11762
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11763
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11764
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11765

SRPMS:
- 7/core/openexr-2.3.0-2.2.mga7