Bug 29334

Summary: openexr new security issues CVE-2021-20299 and CVE-2021-2030[023]
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: openexr-2.3.0-2.4.mga7.src.rpm CVE:
Status comment: Fixed upstream in 2.5.4

Description David Walser 2021-08-05 18:48:11 CEST 
Debian-LTS has issued an advisory on August 4:
https://www.debian.org/lts/security/2021/dla-2732

Mageia 8 is also affected.
Comment 1 David Walser 2021-08-05 18:50:08 CEST 
Actually these issues were fixed upstream in 2.5.4, so we're not affected.

Status comment: (none) => Fixed upstream in 2.5.4
Source RPM: openexr-2.5.7-1.mga8.src.rpm => openexr-2.3.0-2.4.mga7.src.rpm
Resolution: (none) => OLD
Status: NEW => RESOLVED
Version: Cauldron => 7