Ubuntu
openexr package

Please merge with Debian unstable 2.2.0-11.1

Bug #1742243 reported by Nish Aravamudan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openexr (Ubuntu)
Fix Released
Undecided
Nish Aravamudan

Bug Description

TBD

CVE References

Hans Joachim Desserud (hjd)
tags: added: needs-debian-merge upgrade-software-version
Revision history for this message
Nish Aravamudan (nacc) wrote :

openexr (2.2.0-11.1ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1742243). Remaining changes:
    - Add ppc64el to the archs where to ignore test results.

 -- Nishanth Aravamudan <email address hidden> Tue, 09 Jan 2018 10:49:25 -0800

Changed in openexr (Ubuntu):
assignee: nobody → Nish Aravamudan (nacc)
status: New → In Progress
Nish Aravamudan (nacc)
Changed in openexr (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openexr - 2.2.0-11.1ubuntu1

---------------
openexr (2.2.0-11.1ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1742243). Remaining changes:
    - Add ppc64el to the archs where to ignore test results.

openexr (2.2.0-11.1) unstable; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2017-9110, CVE-2017-9112 and CVE-2017-9116.
    Brandon Perry discovered that openexr was affected by an integer overflow
    vulnerability and missing boundary checks that would allow a remote
    attacker to cause a denial of service (application crash) via specially
    crafted image files. (Closes: #864078)

 -- Nishanth Aravamudan <email address hidden> Tue, 09 Jan 2018 10:49:25 -0800

Changed in openexr (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.