In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact. Reference: https://github.com/xiaoqx/pocs/blob/master/openexr.md
Created OpenEXR tracking bugs for this issue:
Affects: fedora-all [bug 1483882]

Created mingw-OpenEXR tracking bugs for this issue:
Affects: fedora-all [bug 1483881]
Following upstream issue @ https://github.com/openexr/openexr/issues/238