mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-23 04:23:08 +00:00
Document graphics/ilmbase graphics/openexr vulnerabilities.
Security: e4d9dffb-2a32-11ea-9693-e1b3f6feec79 Security: CVE-2018-18443 Security: CVE-2018-18444
This commit is contained in:
parent
03535a0e4b
commit
4d15461f06
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=521274
@ -58,6 +58,44 @@ Notes:
|
||||
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="e4d9dffb-2a32-11ea-9693-e1b3f6feec79">
|
||||
<topic>OpenEXR -- heap buffer overflow, and out-of-memory bugs</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>ilmbase</name>
|
||||
<range><lt>2.3.0_4</lt></range>
|
||||
</package>
|
||||
<package>
|
||||
<name>openexr</name>
|
||||
<range><lt>2.3.0_3</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<p>Cary Phillips reports:</p>
|
||||
<blockquote cite="https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.0">
|
||||
<p>OpenEXR (IlmBase) v2.4.0 fixes the following security vulnerabilities:</p>
|
||||
<ul>
|
||||
<li>CVE-2018-18444 Issue #351 Out of Memory</li>
|
||||
<li>CVE-2018-18443 Issue #350 heap-buffer-overflow</li>
|
||||
</ul>
|
||||
<p>The relevant patches have been backported to the FreeBSD ports.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<url>https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.0</url>
|
||||
<url>https://github.com/AcademySoftwareFoundation/openexr/issues/350</url>
|
||||
<url>https://github.com/AcademySoftwareFoundation/openexr/issues/351</url>
|
||||
<cvename>CVE-2018-18443</cvename>
|
||||
<cvename>CVE-2018-18444</cvename>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2018-10-17</discovery>
|
||||
<entry>2019-12-29</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="7b97b32e-27c4-11ea-9673-4c72b94353b5">
|
||||
<topic>wordpress -- multiple issues</topic>
|
||||
<affects>
|
||||
|
Loading…
Reference in New Issue
Block a user