openexr 2.2.0-11.1ubuntu1.6 source package in Ubuntu

Changelog

openexr (2.2.0-11.1ubuntu1.6) bionic-security; urgency=medium

  * SECURITY UPDATE: shift overflow in FastHufDecoder
    - debian/patches/CVE-2021-3474.patch: compute Huf codelengths using 64
      bit to prevent shift overflow in IlmImf/ImfFastHuf.cpp.
    - CVE-2021-3474
  * SECURITY UPDATE: integer overflow in calculateNumTiles
    - debian/patches/CVE-2021-3475.patch: compute level size with 64 bits
      to avoid overflow in IlmImf/ImfTiledMisc.cpp.
    - CVE-2021-3475
  * SECURITY UPDATE: shift overflows
    - debian/patches/CVE-2021-3476.patch: ignore unused bits in B44 mode
      detection in IlmImf/ImfB44Compressor.cpp.
    - CVE-2021-3476
  * SECURITY UPDATE: out-of-bounds read via deep tile sample size
    - debian/patches/CVE-2021-3477.patch: fix overflow computing deeptile
      sample table size in IlmImf/ImfDeepTiledInputFile.cpp.
    - CVE-2021-3477
  * SECURITY UPDATE: memory consumption via input file
    - debian/patches/CVE-2021-3478-pre1.patch: reduce size limit for
      scanline files; prevent large chunkoffset allocations in
      IlmImf/ImfCompressor.cpp, IlmImf/ImfCompressor.h, IlmImf/ImfMisc.cpp,
      IlmImf/ImfMultiPartInputFile.cpp, IlmImf/ImfScanLineInputFile.cpp.
    - debian/patches/CVE-2021-3478.patch: sanity check ScanlineInput
      bytesPerLine instead of lineOffset size in
      IlmImf/ImfScanLineInputFile.cpp.
    - CVE-2021-3478
  * SECURITY UPDATE: memory consumption in scanline API
    - debian/patches/CVE-2021-3479-pre1.patch: address issues reported by
      Undefined Behavior Sanitizer in IlmImf/ImfInputFile.cpp.
    - debian/patches/CVE-2021-3479.patch: more efficient handling of filled
      channels reading tiles with scanline API in IlmImf/ImfInputFile.cpp,
      IlmImfTest/testScanLineApi.cpp.
    - CVE-2021-3479

 -- Marc Deslauriers <email address hidden>  Thu, 01 Apr 2021 08:47:09 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
graphics
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openexr_2.2.0.orig.tar.gz 13.8 MiB 36a012f6c43213f840ce29a8b182700f6cf6b214bea0d5735594136b44914231
openexr_2.2.0-11.1ubuntu1.6.debian.tar.xz 36.3 KiB c5a68cbdca446f84c8806fb756f1fe2761f38cfb9adfea0c4a91d5ac18dc2c8f
openexr_2.2.0-11.1ubuntu1.6.dsc 2.3 KiB 6b42a9eeda90e34a5ffabdf0e951f45a84c04a85c3818e9553fada90bb8487bf

View changes file

Binary packages built by this source

libopenexr-dev: development files for the OpenEXR image library

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains the header files required if you wish to
 compile/develop applications that use OpenEXR libraries.

libopenexr22: runtime files for the OpenEXR image library

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains the following shared library:
    * IlmImf - a library that reads and writes OpenEXR images.

libopenexr22-dbgsym: debug symbols for libopenexr22
openexr: command-line tools for the OpenEXR image format

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains the following tools:
    * exrheader, a utility for dumping header information.
    * exrstdattr, a utility for modifying OpenEXR standard attributes.
    * exrmaketiled, for generating tiled and rip/mipmapped images.
    * exrenvmap, for creating OpenEXR environment maps.
    * exrmakepreview, for creating preview images for OpenEXR files.

openexr-dbgsym: debug symbols for openexr
openexr-doc: documentation and examples for the OpenEXR image format

 OpenEXR is a high dynamic-range (HDR) image file format developed by
 Industrial Light & Magic for use in computer imaging applications.
 .
 OpenEXR's features include:
    * Higher dynamic range and colour precision than existing 8- and
      10-bit image file formats.
    * Support for the "half" 16-bit floating-point pixel format.
    * Multiple lossless image compression algorithms. Some of the
      included codecs can achieve 2:1 lossless compression ratios on
      images with film grain.
    * Extensibility. New compression codecs and image types can easily
      be added by extending the C++ classes included in the OpenEXR
      software distribution. New image attributes (strings, vectors,
      integers, etc.) can be added to OpenEXR image headers without
      affecting backward compatibility with existing OpenEXR
      applications.
 .
 This package contains documentation for the format and examples