File _patchinfo of Package patchinfo.19379

<patchinfo incident="19379">
  <issue tracker="cve" id="2021-3479"/>
  <issue tracker="cve" id="2021-26260"/>
  <issue tracker="cve" id="2021-23215"/>
  <issue tracker="cve" id="2021-3477"/>
  <issue tracker="cve" id="2021-20296"/>
  <issue tracker="bnc" id="1185217">VUL-0: CVE-2021-26260: OpenEXR,openexr: Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers</issue>
  <issue tracker="bnc" id="1184355">VUL-0: CVE-2021-20296: openexr: Segv on unknown address in Imf_2_5:hufUncompress - Null Pointer dereference</issue>
  <issue tracker="bnc" id="1184353">VUL-0: CVE-2021-3477: openexr: Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts</issue>
  <issue tracker="bnc" id="1184354">VUL-0: CVE-2021-3479: openexr: Out-of-memory caused by allocation of a very large buffer</issue>
  <issue tracker="bnc" id="1185216">VUL-0: CVE-2021-23215: OpenEXR,openexr: Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openexr</summary>
  <description>This update for openexr fixes the following issues:

- CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185216).
- CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185217).
- CVE-2021-20296: Fixed a  Null Pointer dereference in Imf_2_5:hufUncompress (bsc#1184355).
- CVE-2021-3477: Fixed a Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts (bsc#1184353).
- CVE-2021-3479: Fixed an Out-of-memory caused by allocation of a very large buffer (bsc#1184354).
</description>
</patchinfo>