bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and

From:	Vinicius Monego
Subject:	bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and CVE-2021-3475
Date:	Mon, 05 Jul 2021 23:46:15 +0000

Hi,

I found [1] which lists which versions of OpenEXR are vulnerable to
which CVE. All the CVEs mentioned here were fixed in version 2.5.4 [2],
while we are currently tracking version 2.5.5, for which there are no
known CVEs.

I will close this issue. Feel free to reopen if I missed anything.

[1]
https://github.com/AcademySoftwareFoundation/openexr/blob/master/SECURITY.md

[2]
https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-254-december-31-2020

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and CVE-2021-3475, Vinicius Monego <=

Prev by Date: bug#49355: [guix-jupyter] timeout issue running the kernel
Next by Date: bug#48974: A possible shepherd bug (it's very minor)
Previous by thread: bug#47018: core-updates: make check fails when guix-daemon is running
Next by thread: bug#49427: grpc build failure
Index(es):
- Date
- Thread