POV-Ray / povray

The Persistence of Vision Raytracer: http://www.povray.org/
GNU Affero General Public License v3.0

[BUG][UNIX] #462

Open mariamarutunian opened 1 month ago

mariamarutunian commented 1 month ago

Summary

Vulnerabilities identified as CVE-2021-45942 and CVE-2021-20304 were discovered and fixed in OpenEXR. However, the related files have not been updated in the POV-Ray project.

POV-Ray Version

Affected build version: < 3.7.0.10

Details

They were fixed in OpenEXR with the following commits:

- https://github.com/AcademySoftwareFoundation/openexr/commit/db217f29dfb24f6b4b5100c24ac5e7490e1c57d0
- https://github.com/AcademySoftwareFoundation/openexr/commit/51a92d67f53c08230734e74564c807043cbfe41e

But the POV-Ray project contains an old version of OpenEXR.

References

Report Origin

The bug is reported by a tool developed at CAST.