Fedora Linux 8646 Published by

An OpenImageIO security update has been released for Fedora 36.



SECURITY: Fedora 36 Update: OpenImageIO-2.3.21.0-1.fc36


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-e63bc3eca2
2022-12-31 01:16:00.044425
--------------------------------------------------------------------------------

Name : OpenImageIO
Product : Fedora 36
Version : 2.3.21.0
Release : 1.fc36
URL :   https://sites.google.com/site/openimageio/home
Summary : Library for reading and writing images
Description :
OpenImageIO is a library for reading and writing images, and a bunch of related
classes, utilities, and applications. Main features include:
- Extremely simple but powerful ImageInput and ImageOutput APIs for reading and
writing 2D images that is format agnostic.
- Format plugins for TIFF, JPEG/JFIF, OpenEXR, PNG, HDR/RGBE, Targa, JPEG-2000,
DPX, Cineon, FITS, BMP, ICO, RMan Zfile, Softimage PIC, DDS, SGI,
PNM/PPM/PGM/PBM.
- An ImageCache class that transparently manages a cache so that it can access
truly vast amounts of image data.

--------------------------------------------------------------------------------
Update Information:

* Update to 2.3.21.0. * Security fix for CVE-2022-36354 CVE-2022-38143
CVE-2022-41639 CVE-2022-41684 CVE-2022-41794 CVE-2022-41838 CVE-2022-41977
CVE-2022-4198 CVE-2022-41988 CVE-2022-4199.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 22 2022 Richard Shaw - 2.3.21.0-1
- Update to 2.3.21.0.
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2139800 - CVE-2022-36354 CVE-2022-38143 CVE-2022-41639 CVE-2022-41684 CVE-2022-41794 CVE-2022-41838 CVE-2022-41977 CVE-2022-4198 CVE-2022-41988 CVE-2022-41999 OpenImageIO: Multiple Vulnerabilities [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2139800
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-e63bc3eca2' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________