Skip to content

v2.4.1
Compare
Choose a tag to compare
@cary-ilm cary-ilm released this 12 Feb 00:53
· 13 commits to RB-2.4 since this release
v2.4.1
0ca9b6e

Patch release with minor bug fixes.

Summary:

  • Various fixes for memory leaks and invalid memory accesses
  • Various fixes for integer overflow with large images.
  • Various cmake fixes for build/install of python modules.
  • ImfMisc.h is no longer installed, since it's a private header.

This version fixes the following security vulnerabilities:

  • CVE-2020-11765 There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::ClasGsifier, leading to an out-of-bounds read.
  • CVE-2020-11764 There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.
  • CVE-2020-11763 There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
  • CVE-2020-11762 There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
  • CVE-2020-11761 There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
  • CVE-2020-11760 There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
  • CVE-2020-11759 Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
  • CVE-2020-11758 There is an out-of-bounds read in ImfOptimizedPixelReading.h.
Assets 3