Control: retitle -1 openexr: CVE-2025-12495 CVE-2025-12839 CVE-2025-128340 Hi,
On Thu, Dec 25, 2025 at 08:44:46AM +0100, Salvatore Bonaccorso wrote: > Source: openexr > Version: 3.1.13-2 > Severity: important > Tags: security upstream > X-Debbugs-Cc: [email protected], Debian Security Team > <[email protected]> > > Hi, > > The following vulnerabilities were published for openexr. > > The information found so far is unfortunately very light, the ZDI > advisory only add that they are fixed in the v3.4.3 release, cf. [2]. According to https://www.zerodayinitiative.com/advisories/ZDI-25-989/, CVE-2025-12495 is as well covered by that upstream release. Regards, Salvatore
