ELA-469-1 openexr security update

multiple vulnerabilities

2021-08-04
Packageopenexr
Version1.6.1-8+deb8u3
Related CVEs CVE-2021-3605 CVE-2021-20300 CVE-2021-20303


Several vulnerabilities were discovered in OpenEXR, a library and tools for the OpenEXR high dynamic-range (HDR) image format. An attacker could cause a denial of service (DoS) through application crash, and possibly execute code.



For Debian 8 jessie, these problems have been fixed in version 1.6.1-8+deb8u3.

We recommend that you upgrade your openexr packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.