Mehrere Probleme in OpenEXR
ID: | SSA:2017-274-01 |
Distribution: | Slackware |
Plattformen: | Slackware -current, Slackware x86_64 -current, Slackware 14.2, Slackware x86_64 14.2 |
Datum: | Mo, 2. Oktober 2017, 00:55 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9111 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9110 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9115 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9112 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9114 |
Applikationen: | OpenEXR |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openexr (SSA:2017-274-01) New openexr packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openexr-2.2.0-i586-2_slack14.2.txz: Rebuilt. Patched bugs that may lead to program crashes or possibly execution of arbitrary code. Thanks to Thomas Choi for the patch. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9110 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9111 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9112 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9113 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9114 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9115 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9116 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openexr-2.2.0-i586-2_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openexr-2.2.0-x86_64-2_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/openexr-2.2.0-i586-2.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/openexr-2.2.0-x86_64-2.txz MD5 signatures: +-------------+ Slackware 14.2 package: 7f00592b5f0214f5091d87b355f26672 openexr-2.2.0-i586-2_slack14.2.txz Slackware x86_64 14.2 package: f6eb9dc47a20f9a15b982cd73f41d8df openexr-2.2.0-x86_64-2_slack14.2.txz Slackware -current package: 6248c0bebbb1fe703a45bc8d3392924e l/openexr-2.2.0-i586-2.txz Slackware x86_64 -current package: a7fb169236df1ad9efdbcf0ee278d524 l/openexr-2.2.0-x86_64-2.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg openexr-2.2.0-i586-2_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlnRP/sACgkQakRjwEAQIjOK9QCfS3nPlDZ19bDe8y2jhZ90x/F4 udgAn1zaqp0mZN+F/5dg9+yQW0aaPM3H =Y4Dw -----END PGP SIGNATURE----- |