FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
98044aba-6d72-11eb-aed7-1b1b8a70cc8bopenexr, ilmbase -- security fixes related to reading corrupted input files

Cary Phillips reports:

Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files[...].


Discovery 2021-02-12
Entry 2021-02-12
ilmbase
< 2.5.5

openexr
< 2.5.5

https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.5
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.4
CVE-2021-20296
CVE-2021-3479
CVE-2021-3478
CVE-2021-3477
CVE-2021-3476
CVE-2021-3475
CVE-2021-3474
f2596f27-db4c-11eb-8bc6-c556d71493c9openexr v3.0.5 -- fixes miscellaneous security issues

Cary Phillips reports:

  • 1038 fix/extend part number validation in MultiPart methods
  • 1037 verify data size in deepscanlines with NO_COMPRESSION
  • 1036 detect buffer overflows in RleUncompress

Discovery 2021-06-03
Entry 2021-07-02
openexr
< 3.0.5

https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.0.5