[CLSA-2026:1776950014] openexr: Fix of CVE-2026-34588
Type:
security
Severity:
Important
Release date:
2026-04-23 13:13:38 UTC
Description:
- CVE-2026-34588 fix signed 32-bit integer overflow in PIZ decoder wavelet buffer arithmetic leading to out-of-bounds read/write
Updated packages:
  • openexr-3.1.1-3.el9.tuxcare.els4.x86_64.rpm
    sha:fa2e8c3411cf3498371055ce106e9ae1b100fc2d51601edd03a0dc5fd541307b
  • openexr-devel-3.1.1-3.el9.tuxcare.els4.i686.rpm
    sha:b0af01bef37bc7a9e9d4215947f2b3bfd846f70c4bb2f57173244e47b5061317
  • openexr-devel-3.1.1-3.el9.tuxcare.els4.x86_64.rpm
    sha:f326106732774e9f77fdef5b64a079e72b3dc59e72a44cb50dcff19183444841
  • openexr-libs-3.1.1-3.el9.tuxcare.els4.i686.rpm
    sha:83f0ce482c92af35304ff9e23b26964d2e56f0c56075ce57d0140dafa51a7664
  • openexr-libs-3.1.1-3.el9.tuxcare.els4.x86_64.rpm
    sha:7e89ebc5b8ee3be0ec9d867dd21d9644927e56f02df3b635cb53a19478597a8b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.