Summary: | <media-libs/opencv-{2.4.13-r2, 3.3.0-r1}: Multiple Denial of Service Vulnerabilities (CVE-2017-{12864,12863,12862}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Aleksandr Wagner (Kivak) <alwag> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | amynka, dilfridge |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa cve blocked] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 627230 | ||
Bug Blocks: |
Description
Aleksandr Wagner (Kivak)
2017-08-15 18:49:01 UTC
Upstream fixed: https://github.com/opencv/opencv/pull/9383 Gentoo Security Padawan ChrisADR commit a900af241376ab156509ae9a3832dfeb332d95b7 Author: Amy Liffey <amynka@gentoo.org> Date: Fri Sep 1 13:34:13 2017 +0200 media-libs/opencv: 2.4.13 add imgcodecs patch bug #627958 I will fix it for 3.x versions by version bump to 3.3.0 and applying the patch soon. commit bf987cafbb90f2c798f98539141121d20ddfd796D Author: Amy Liffey <amynka@gentoo.org> Date: Tue Sep 19 09:46:54 2017 +0200 media-libs/opencv: version bump 3.3.0 bug #629534 - Patch for CVEs bug #627958 - Add required use for bug #621986 - Version bump fixes bug #627954 Fixes for version 3.* vulnerable versions 3.1 and 3.2 still in tree. Future stabilization will occur on bug 627230. Added to existing GLSA request. This issue was resolved and addressed in GLSA 201712-02 at https://security.gentoo.org/glsa/201712-02 by GLSA coordinator Thomas Deutschmann (whissi). |