Synopsis: Moderate: OpenEXR security update Advisory ID: SLSA-2020:4039-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-11763 CVE-2020-11764 CVE-2020-11761 -- Security Fix(es): * OpenEXR: out-of-bounds read during Huffman uncompression (CVE-2020-11761) * OpenEXR: std::vector out-of-bounds read and write in ImfTileOffsets.cpp (CVE-2020-11763) * OpenEXR: out-of-bounds write in copyIntoFrameBuffer function in ImfMisc.cpp (CVE-2020-11764) -- SL7 x86_64 OpenEXR-libs-1.7.1-8.el7.x86_64.rpm OpenEXR-libs-1.7.1-8.el7.i686.rpm OpenEXR-debuginfo-1.7.1-8.el7.i686.rpm OpenEXR-debuginfo-1.7.1-8.el7.x86_64.rpm OpenEXR-1.7.1-8.el7.x86_64.rpm OpenEXR-devel-1.7.1-8.el7.i686.rpm OpenEXR-devel-1.7.1-8.el7.x86_64.rpm - Scientific Linux Development Team