An openexr security update has been released for Debian GNU/Linux 8 Extended LTS to address several vulnerabilities.
ELA-469-1 openexr security update
Package openexr
ELA-469-1 openexr security update
Version 1.6.1-8+deb8u3
Related CVEs CVE-2021-3605 CVE-2021-20300 CVE-2021-20303
Several vulnerabilities were discovered in OpenEXR, a library and tools for the OpenEXR high dynamic-range (HDR) image format. An attacker could cause a denial of service (DoS) through application crash, and possibly execute code.
For Debian 8 jessie, these problems have been fixed in version 1.6.1-8+deb8u3.
We recommend that you upgrade your openexr packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
