Update Info

SUSE-PackageHub-16.0-660

Security update for openexr

Type: security
Severity: important
Issued: 2026-04-29
Description:
This update for openexr fixes the following issues:

- CVE-2026-40244: integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (bsc#1262426).
- CVE-2026-40250: integer overflow in DWA decoder outBufferEnd pointer arithmetic (bsc#1262425).

References

Packages

  • openexr-3.2.2-160000.7.1