FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenEXR -- heap buffer overflow, and out-of-memory bugs

Affected packages
ilmbase < 2.3.0_4
openexr < 2.3.0_3

Details

VuXML ID e4d9dffb-2a32-11ea-9693-e1b3f6feec79
Discovery 2018-10-17
Entry 2019-12-29

Cary Phillips reports:

OpenEXR (IlmBase) v2.4.0 fixes the following security vulnerabilities:

The relevant patches have been backported to the FreeBSD ports.

[source]

References

CVE Name CVE-2018-18443
CVE Name CVE-2018-18444
URL https://github.com/AcademySoftwareFoundation/openexr/issues/350
URL https://github.com/AcademySoftwareFoundation/openexr/issues/351
URL https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.0

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.