Re: Bug#748130: scotch autoremoval from jessie not useful: only stable/amd64 package has RC bug

2014-09-03 Thread Salvatore Bonaccorso
Hi Pierre, On Wed, Sep 03, 2014 at 11:27:02AM +0200, Pierre Saramito wrote: Dear all, The RC bug #748130 found in the scotch library causes to mark for autoremoval many packages in the jessie distribution. Notice that the bug does not concern the actual jessie distribution: it is

Bug#756432: possible security issue on gummi/0.6.5-3

2015-10-08 Thread Salvatore Bonaccorso
Hi Daniel, On Thu, Oct 08, 2015 at 01:05:30PM +0200, Daniel Stender wrote: > On 08.10.2015 13:00, Salvatore Bonaccorso wrote: > > Hello Daniel, > > > > On Thu, Oct 08, 2015 at 12:20:27PM +0200, Daniel Stender wrote: > >> Hello, > >> > >> there was

Typo in Changelog (was: Re: Accepted freeimage 3.17.0+ds1-3 (source) into unstable)

2016-10-11 Thread Salvatore Bonaccorso
Hi, On Tue, Oct 11, 2016 at 07:20:47PM +, Ghislain Antony Vaillant wrote: >[ Ghislain Antony Vaillant ] >* Fix CVE-2016-5864: apply patch from wheezy-security. > Thanks to Salvatore Bonaccorso, Balint Reczey and Chris Lamb > (Closes: #839827) There is a typo i

Bug#872044: opencv: CVE-2017-12597 CVE-2017-12598 CVE-2017-12599 CVE-2017-12601 CVE-2017-12603 CVE-2017-12604 CVE-2017-12605 CVE-2017-12606

2017-08-13 Thread Salvatore Bonaccorso
Source: opencv Version: 2.4.9.1+dfsg1-2 Severity: important Tags: upstream security Forwarded: https://github.com/opencv/opencv/issues/9309 Hi, the following vulnerabilities were published for opencv. I'm still not filing them as individual bugs, since all are tracked in the upstream report at

Bug#872043: opencv: CVE-2016-1516 CVE-2016-1516

2017-08-13 Thread Salvatore Bonaccorso
Control: retitle -1 opencv: CVE-2016-1516 CVE-2016-1517 On Sun, Aug 13, 2017 at 08:39:14PM +0200, Salvatore Bonaccorso wrote: > Source: opencv > Version: 2.4.9.1+dfsg1-2 > Severity: important > Tags: upstream security > Forwarded: https://github.com/opencv/opencv/issu

Bug#872045: opencv: CVE-2017-12600 CVE-2017-12602

2017-08-13 Thread Salvatore Bonaccorso
Source: opencv Version: 2.4.9.1+dfsg1-2 Severity: important Tags: security upstream Forwarded: https://github.com/opencv/opencv/issues/9311 Hi, the following vulnerabilities were published for opencv. CVE-2017-12600[0]: | OpenCV (Open Source Computer Vision Library) through 3.3 has a denial |

Bug#864901: gnuplot: CVE-2017-9670: uninitialized stack variable vulnerability could lead to a Denial of Service

2017-06-16 Thread Salvatore Bonaccorso
Source: gnuplot Version: 5.0.5+dfsg1-6 Severity: important Tags: patch security upstream Forwarded: https://sourceforge.net/p/gnuplot/bugs/1933/ Hi, the following vulnerability was published for gnuplot. CVE-2017-9670[0]: | An uninitialized stack variable vulnerability in load_tic_series() in |

Bug#864901: All versions are affected

2017-06-16 Thread Salvatore Bonaccorso
Hi On Fri, Jun 16, 2017 at 09:44:00PM +0200, Anton Gladky wrote: > found 864901 4.6.6-2 > found 864901 4.6.0-8 Hmm, sure? See the linked analysis in the SuSE Bugzilla. Regards, Salvatore -- debian-science-maintainers mailing list debian-science-maintainers@lists.alioth.debian.org

Bug#875344: opencv: CVE-2017-12863: Integer overflow in PxMDecoder::readData

2017-09-10 Thread Salvatore Bonaccorso
Source: opencv Version: 2.4.9.1+dfsg-1 Severity: important Tags: upstream security Forwarded: https://github.com/opencv/opencv/issues/9371 Hi, the following vulnerability was published for opencv. CVE-2017-12863[0]: | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function |

Bug#875345: opencv: CVE-2017-12864: Integer overflow in ReadNumber

2017-09-10 Thread Salvatore Bonaccorso
Source: opencv Version: 2.4.9.1+dfsg-1 Severity: important Tags: security upstream Forwarded: https://github.com/opencv/opencv/issues/9372 Hi, the following vulnerability was published for opencv. CVE-2017-12864[0]: | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did | not

Bug#885843: opencv: CVE-2017-17760: Buffer overflow in grfmt_pxm.cpp::PxMDecoder::readData

2017-12-30 Thread Salvatore Bonaccorso
Source: opencv Version: 3.2.0+dfsg-4 Severity: important Tags: patch security upstream Forwarded: https://github.com/opencv/opencv/issues/10351 Hi, the following vulnerability was published for opencv. CVE-2017-17760[0]: | OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData |

Bug#886674: opencv: CVE-2018-5268

2018-01-08 Thread Salvatore Bonaccorso
Source: opencv Version: 3.2.0+dfsg-1 Severity: grave Tags: security Forwarded: https://github.com/opencv/opencv/issues/10541 Hi, the following vulnerability was published for opencv, please double-check. CVE-2018-5268[0]: | In OpenCV 3.3.1, a heap-based buffer overflow happens in |

Bug#886674: opencv: CVE-2018-5268

2018-01-08 Thread Salvatore Bonaccorso
Control: severity important Control: tags -1 + upstream Adjusting severity, got wrong before sending bug. Regards, Salvatore

Bug#886675: opencv: CVE-2018-5269

2018-01-08 Thread Salvatore Bonaccorso
Source: opencv Version: 3.2.0+dfsg-1 Severity: important Tags: security upstream Forwarded: https://github.com/opencv/opencv/issues/10540 Hi, the following vulnerability was published for opencv. CVE-2018-5269[0]: | In OpenCV 3.3.1, an assertion failure happens in | cv::RBaseStream::setPos in

Bug#886282: opencv: CVE-2017-1000450: Out of bounds write

2018-01-03 Thread Salvatore Bonaccorso
Source: opencv Version: 2.4.9.1+dfsg1-1 Severity: important Tags: patch security upstream Forwarded: https://github.com/opencv/opencv/issues/9723 Hi, the following vulnerability was published for opencv. CVE-2017-1000450[0]: | In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor