Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
75cd1307 by Salvatore Bonaccorso at 2021-10-29T23:44:45+02:00
Drop opencv no-dsa tagged entries which got an update in DLA 2799-1
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -148888,7 +148888,6 @@ CVE-2019-15940 (Victure PC530 devices allow
unauthenticated TELNET access as roo
CVE-2019-15939 (An issue was discovered in OpenCV 4.1.0. There is a
divide-by-zero err ...)
- opencv 4.1.2+dfsg-3
[buster] - opencv <no-dsa> (Minor issue)
- [stretch] - opencv <no-dsa> (Minor issue)
[jessie] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/OpenCV/opencv/issues/15287
NOTE: https://github.com/opencv/opencv/pull/15382
@@ -153716,7 +153715,6 @@ CVE-2019-14493 (An issue was discovered in OpenCV
before 4.1.1. There is a NULL
[experimental] - opencv 4.1.1+dfsg-1
- opencv 4.1.2+dfsg-3
[buster] - opencv <no-dsa> (Minor issue)
- [stretch] - opencv <no-dsa> (Minor issue)
[jessie] - opencv <postponed> (Minor issue, DoS, PoC not crashing)
NOTE: https://github.com/opencv/opencv/issues/15127
NOTE:
https://github.com/opencv/opencv/commit/5691d998ead1d9b0542bcfced36c2dceb3a59023
@@ -235940,14 +235938,12 @@ CVE-2018-5269 (In OpenCV 3.3.1, an assertion
failure happens in cv::RBaseStream:
{DLA-1438-1 DLA-1354-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886675)
- [stretch] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10540
NOTE: 2.4 backport:
https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
CVE-2018-5268 (In OpenCV 3.3.1, a heap-based buffer overflow happens in
cv::Jpeg2KDec ...)
{DLA-1438-1 DLA-1354-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886674)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10541
NOTE: 2.4 backport:
https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
CVE-2018-5267 (Cobham Sea Tel 121 build 222701 devices allow remote attackers
to bypa ...)
@@ -239596,7 +239592,6 @@ CVE-2017-1000450 (In
opencv/modules/imgcodecs/src/utils.cpp, functions FillUniCo
{DLA-1438-1 DLA-1235-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886282)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9723
NOTE:
https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor
NOTE: https://github.com/opencv/opencv/pull/9726
@@ -241122,7 +241117,6 @@ CVE-2017-17760 (OpenCV 3.3.1 has a Buffer Overflow in
the cv::PxMDecoder::readDa
{DLA-1438-1 DLA-1235-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #885843)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10351
NOTE:
https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c
CVE-2017-17759 (Conarc iChannel allows remote attackers to obtain sensitive
informatio ...)
@@ -264294,19 +264288,16 @@ CVE-2017-12864 (In
opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumb
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875345)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9372
CVE-2017-12863 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function
PxMDecoder::re ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875344)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9371
CVE-2017-12862 (In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer
AutoBuffe ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875342)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9370
CVE-2017-12861 (The Epson "EasyMP" software is designed to remotely stream a
users com ...)
NOT-FOR-US: Epson "EasyMP"
@@ -265129,25 +265120,21 @@ CVE-2017-12606 (OpenCV (Open Source Computer Vision
Library) through 3.3 has an
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12605 (OpenCV (Open Source Computer Vision Library) through 3.3 has
an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12604 (OpenCV (Open Source Computer Vision Library) through 3.3 has
an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12603 (OpenCV (Open Source Computer Vision Library) through 3.3 has
an invali ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12602 (OpenCV (Open Source Computer Vision Library) through 3.3 has a
denial ...)
[experimental] - opencv 3.4.4+dfsg-1~exp1
@@ -265160,7 +265147,6 @@ CVE-2017-12601 (OpenCV (Open Source Computer Vision
Library) through 3.3 has a b
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12600 (OpenCV (Open Source Computer Vision Library) through 3.3 has a
denial ...)
[experimental] - opencv 3.4.4+dfsg-1~exp1
@@ -265173,19 +265159,16 @@ CVE-2017-12599 (OpenCV (Open Source Computer Vision
Library) through 3.3 has an
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12598 (OpenCV (Open Source Computer Vision Library) through 3.3 has
an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has
an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer
over-read ...)
{DLA-2358-1}
@@ -328460,7 +328443,6 @@ CVE-2016-1516 (OpenCV 3.0.0 has a double free issue
that allows attackers to exe
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872043)
- [stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://arxiv.org/pdf/1701.04739.pdf
NOTE: https://github.com/opencv/opencv/issues/5956
CVE-2016-1515
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75cd1307eae47c4d93954a3884287cd2f602e08c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75cd1307eae47c4d93954a3884287cd2f602e08c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
