Issued:: 2024-11-04
Updated:: 2024-11-04

RHSA-2024:8801 - Security Advisory

Overview
Updated Packages

Synopsis

Important: openexr security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openexr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR.

Security Fix(es):

OpenEXR: Heap Overflow in Scanline Deep Data Parsing (CVE-2023-5841)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

BZ - 2262397 - CVE-2023-5841 OpenEXR: Heap Overflow in Scanline Deep Data Parsing

CVEs

CVE-2023-5841

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
x86_64
openexr-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: f99403cf59838f226887edd23c839051eec0c0c9bcd64e5e2786d96c0996702a
openexr-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 725889e6932ab468982f3f71999a8a4b00a737fe75e3b0cd5d0c614b0db1e3a8
openexr-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: a3193120fd493705f64772d937bdb596747204c67383fc417e44aec826563abf
openexr-debugsource-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 64054479ea045c7d22e6857f467043a19168a6e1980bbdf01929a0b687e1a10f
openexr-debugsource-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 23b59084f75ec9ae486dd45a596adcdb67384bd3ef15cdded0dfde679aca7be1
openexr-libs-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 449fd27f76b502818a6376574e2f7db1f896998e8b703d3b9a14c00f76ce98df
openexr-libs-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 3d4968f79de586198326b36568e6e470d9b3e0414e8be41b4d7e235b9ba5e49c
openexr-libs-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: f57583fcdaa95728154859beb926ea32dfedcec96dd0c3877e66b80a66566878
openexr-libs-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 370477848512e8e8b2c7857d142a0b51749c66e7ce895e27535de48f76ea73f5

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
x86_64
openexr-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: f99403cf59838f226887edd23c839051eec0c0c9bcd64e5e2786d96c0996702a
openexr-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 725889e6932ab468982f3f71999a8a4b00a737fe75e3b0cd5d0c614b0db1e3a8
openexr-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: a3193120fd493705f64772d937bdb596747204c67383fc417e44aec826563abf
openexr-debugsource-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 64054479ea045c7d22e6857f467043a19168a6e1980bbdf01929a0b687e1a10f
openexr-debugsource-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 23b59084f75ec9ae486dd45a596adcdb67384bd3ef15cdded0dfde679aca7be1
openexr-libs-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 449fd27f76b502818a6376574e2f7db1f896998e8b703d3b9a14c00f76ce98df
openexr-libs-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 3d4968f79de586198326b36568e6e470d9b3e0414e8be41b4d7e235b9ba5e49c
openexr-libs-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: f57583fcdaa95728154859beb926ea32dfedcec96dd0c3877e66b80a66566878
openexr-libs-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 370477848512e8e8b2c7857d142a0b51749c66e7ce895e27535de48f76ea73f5

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
s390x
openexr-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 5472d6d50001784cf02c2151e0c21aa18bba608ab7691d233eb3ddca1ee7a2a7
openexr-debuginfo-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 3f2339ff92f5e93e6ed457f7d2763cb6e0211f3fdb9ff931d42b513f9731893b
openexr-debugsource-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 6ff798c239242b8254e194d5a5d84f48318c0f81d9dd1c1461331b1cb3b5e786
openexr-libs-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 3f6c4041a15144ffb5408aba9135a33c284d7583846410cfd152b8729ae00400
openexr-libs-debuginfo-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: ed07548a35c428c2c8ce128b0eb67bb07c12c0acc84a43a1508be899d007d011

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
ppc64le
openexr-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: 9ee8ef8bde4ef6b903b11bf6bf94de71317da5361840d4197b0157ef6b79d367
openexr-debuginfo-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: 88b7294689124d968bd256012dc96c13eaca4e70ddd0353b1c711048a79b78d5
openexr-debugsource-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: f1acd550d593328d5d09761677113d07b13ed1032be25ccbe7497377ed6ca4ed
openexr-libs-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: ada33fcb83700a6a580cd609c32ab941061ad1ce42a3dfcf13702cb6181ca9ad
openexr-libs-debuginfo-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: bc60ce75ab2c818e0de99b63d774dbad953a1fed3dc43f1b5da0ae6f6d40537d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
aarch64
openexr-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 4ac3b943d79d55416e05996ffa2ab52633b3c7591524b6d9b4630ae76e5b63cf
openexr-debuginfo-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: ec69c34deb7356d28f18d9a353725fd8554545aa33d0835fd17f29804e38e22b
openexr-debugsource-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 2bc2d247e6f1b65a59d37d1931608507cf4abaf46e31457fec42b6bb50edb767
openexr-libs-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: cce72fd0a916e292a6e21876e81a439ae0f6e90c6b5cac5641f44036394389c6
openexr-libs-debuginfo-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 674b0493f1230d613d67526c720a97e5c5f7cfe059b5fb5af8dd5bf216dda9ec

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
ppc64le
openexr-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: 9ee8ef8bde4ef6b903b11bf6bf94de71317da5361840d4197b0157ef6b79d367
openexr-debuginfo-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: 88b7294689124d968bd256012dc96c13eaca4e70ddd0353b1c711048a79b78d5
openexr-debugsource-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: f1acd550d593328d5d09761677113d07b13ed1032be25ccbe7497377ed6ca4ed
openexr-libs-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: ada33fcb83700a6a580cd609c32ab941061ad1ce42a3dfcf13702cb6181ca9ad
openexr-libs-debuginfo-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: bc60ce75ab2c818e0de99b63d774dbad953a1fed3dc43f1b5da0ae6f6d40537d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
x86_64
openexr-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: f99403cf59838f226887edd23c839051eec0c0c9bcd64e5e2786d96c0996702a
openexr-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 725889e6932ab468982f3f71999a8a4b00a737fe75e3b0cd5d0c614b0db1e3a8
openexr-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: a3193120fd493705f64772d937bdb596747204c67383fc417e44aec826563abf
openexr-debugsource-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 64054479ea045c7d22e6857f467043a19168a6e1980bbdf01929a0b687e1a10f
openexr-debugsource-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 23b59084f75ec9ae486dd45a596adcdb67384bd3ef15cdded0dfde679aca7be1
openexr-libs-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 449fd27f76b502818a6376574e2f7db1f896998e8b703d3b9a14c00f76ce98df
openexr-libs-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 3d4968f79de586198326b36568e6e470d9b3e0414e8be41b4d7e235b9ba5e49c
openexr-libs-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: f57583fcdaa95728154859beb926ea32dfedcec96dd0c3877e66b80a66566878
openexr-libs-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 370477848512e8e8b2c7857d142a0b51749c66e7ce895e27535de48f76ea73f5

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2

SRPM
x86_64
openexr-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 725889e6932ab468982f3f71999a8a4b00a737fe75e3b0cd5d0c614b0db1e3a8
openexr-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: a3193120fd493705f64772d937bdb596747204c67383fc417e44aec826563abf
openexr-debugsource-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 64054479ea045c7d22e6857f467043a19168a6e1980bbdf01929a0b687e1a10f
openexr-debugsource-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 23b59084f75ec9ae486dd45a596adcdb67384bd3ef15cdded0dfde679aca7be1
openexr-devel-3.1.1-2.el9_2.1.i686.rpm	SHA-256: 15beaabe66009116a92701e3e954330caf92768d1202c280fea41a2902e4ba0d
openexr-devel-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 387cb8076cf622bcf0417fef12f3d8b2c4375365b2a0f67aa28ec195fb5f0073
openexr-libs-debuginfo-3.1.1-2.el9_2.1.i686.rpm	SHA-256: f57583fcdaa95728154859beb926ea32dfedcec96dd0c3877e66b80a66566878
openexr-libs-debuginfo-3.1.1-2.el9_2.1.x86_64.rpm	SHA-256: 370477848512e8e8b2c7857d142a0b51749c66e7ce895e27535de48f76ea73f5

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2

SRPM
ppc64le
openexr-debuginfo-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: 88b7294689124d968bd256012dc96c13eaca4e70ddd0353b1c711048a79b78d5
openexr-debugsource-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: f1acd550d593328d5d09761677113d07b13ed1032be25ccbe7497377ed6ca4ed
openexr-devel-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: 64e9b098291d4994dd803ebe43c88e35143a9833969ff2cb6dc5e2252e42d310
openexr-libs-debuginfo-3.1.1-2.el9_2.1.ppc64le.rpm	SHA-256: bc60ce75ab2c818e0de99b63d774dbad953a1fed3dc43f1b5da0ae6f6d40537d

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2

SRPM
s390x
openexr-debuginfo-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 3f2339ff92f5e93e6ed457f7d2763cb6e0211f3fdb9ff931d42b513f9731893b
openexr-debugsource-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 6ff798c239242b8254e194d5a5d84f48318c0f81d9dd1c1461331b1cb3b5e786
openexr-devel-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: a46f653a3404da5f6de730afcec022b2a6be4e9d3e7b0f34cb733d6f029a2d5a
openexr-libs-debuginfo-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: ed07548a35c428c2c8ce128b0eb67bb07c12c0acc84a43a1508be899d007d011

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2

SRPM
aarch64
openexr-debuginfo-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: ec69c34deb7356d28f18d9a353725fd8554545aa33d0835fd17f29804e38e22b
openexr-debugsource-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 2bc2d247e6f1b65a59d37d1931608507cf4abaf46e31457fec42b6bb50edb767
openexr-devel-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 2353cac746e53854a06eee939d9974d844b041b1b97884de3ee33b3e12344a6d
openexr-libs-debuginfo-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 674b0493f1230d613d67526c720a97e5c5f7cfe059b5fb5af8dd5bf216dda9ec

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
aarch64
openexr-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 4ac3b943d79d55416e05996ffa2ab52633b3c7591524b6d9b4630ae76e5b63cf
openexr-debuginfo-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: ec69c34deb7356d28f18d9a353725fd8554545aa33d0835fd17f29804e38e22b
openexr-debugsource-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 2bc2d247e6f1b65a59d37d1931608507cf4abaf46e31457fec42b6bb50edb767
openexr-libs-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: cce72fd0a916e292a6e21876e81a439ae0f6e90c6b5cac5641f44036394389c6
openexr-libs-debuginfo-3.1.1-2.el9_2.1.aarch64.rpm	SHA-256: 674b0493f1230d613d67526c720a97e5c5f7cfe059b5fb5af8dd5bf216dda9ec

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
openexr-3.1.1-2.el9_2.1.src.rpm	SHA-256: 23ba6c40643c6124c2d571dc1013dbf55225aa9d9d985d501a3238b7087b72cb
s390x
openexr-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 5472d6d50001784cf02c2151e0c21aa18bba608ab7691d233eb3ddca1ee7a2a7
openexr-debuginfo-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 3f2339ff92f5e93e6ed457f7d2763cb6e0211f3fdb9ff931d42b513f9731893b
openexr-debugsource-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 6ff798c239242b8254e194d5a5d84f48318c0f81d9dd1c1461331b1cb3b5e786
openexr-libs-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: 3f6c4041a15144ffb5408aba9135a33c284d7583846410cfd152b8729ae00400
openexr-libs-debuginfo-3.1.1-2.el9_2.1.s390x.rpm	SHA-256: ed07548a35c428c2c8ce128b0eb67bb07c12c0acc84a43a1508be899d007d011

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation