[ubuntu/disco-proposed] opencv 3.2.0+dfsg-5ubuntu1 (Accepted)
Gianfranco Costamagna
locutusofborg at debian.org
Wed Nov 28 18:38:21 UTC 2018
opencv (3.2.0+dfsg-5ubuntu1) disco; urgency=low
* Merge from Debian unstable. Remaining changes:
* SECURITY UPDATE: Out-of-bounds read/write errors and buffer
overflows in different functions.
- debian/patches/CVE-2017-several.patch: fix in bitstrm.cpp,
bitstrm.hpp, grfmt_bmp.cpp, grfmt_pxm.cpp, loadsave.cpp,
test_grfmt.cpp and cuda_test.cpp.
- CVE-2016-1516
- CVE-2016-1517
- CVE-2017-12597
- CVE-2017-12598
- CVE-2017-12599
- CVE-2017-12600
- CVE-2017-12601
- CVE-2017-12602
- CVE-2017-12603
- CVE-2017-12604
- CVE-2017-12605
- CVE-2017-12606
- CVE-2017-12862
- CVE-2017-12863
- CVE-2017-12864
* SECURITY UPDATE: Out of bound write cause segmentation fault
- debian/patches/CVE-2017-14136.patch: fix in grfmt_bmp.cpp,
grfmt_exr.cpp, grfmt_jpeg.cpp, grfmt_jpeg2000.cpp,
grfmt_pam.cpp, grfmt_sunras.cpp, utils.cpp and utils.hpp.
- CVE-2017-14136
* SECURITY UPDATE: Buffer Overflow in the cv::PxMDecoder::readData
function in grfmt_pxm.cpp
- debian/patches/CVE-2017-17760.patch: fix in grfmt_pxm.cpp.
- CVE-2017-17760
* SECURITY UPDATE: Integer overflow may lead to remote execution or
denial of service
- debian/patches/CVE-2017-1000450.patch: fix in grfmt_bmp.cpp.
- CVE-2017-1000450
* SECURITY UPDATE: A heap-based buffer overflow happens in
cv::Jpeg2KDecoder::readComponent8u when parsing a crafted image file
- debian/patches/CVE-2018-5268.patch: fix in grfmt_jpeg2000.cpp.
- CVE-2018-5268
* SECURITY UPDATE: an assertion failure happens in
cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because
of an incorrect integer cast.
- debian/patches/CVE-2018-5269.patch: add overflow checks.
- CVE-2018-5269
Date: Wed, 28 Nov 2018 19:35:26 +0100
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/opencv/3.2.0+dfsg-5ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 28 Nov 2018 19:35:26 +0100
Source: opencv
Binary: opencv-doc libopencv-dev opencv-data libopencv-core-dev libopencv-core3.2 libopencv-ml-dev libopencv-ml3.2 libopencv-imgproc-dev libopencv-imgproc3.2 libopencv-imgcodecs-dev libopencv-imgcodecs3.2 libopencv-video-dev libopencv-video3.2 libopencv-videoio-dev libopencv-videoio3.2 libopencv-objdetect-dev libopencv-objdetect3.2 libopencv-highgui-dev libopencv-highgui3.2 libopencv-calib3d-dev libopencv-calib3d3.2 libopencv-flann-dev libopencv-flann3.2 libopencv-features2d-dev libopencv-features2d3.2 libopencv-ts-dev libopencv-photo-dev libopencv-photo3.2 libopencv-videostab-dev libopencv-videostab3.2 libopencv-stitching-dev libopencv-stitching3.2 libopencv-shape-dev libopencv-shape3.2 libopencv-superres-dev libopencv-superres3.2 libopencv-viz-dev libopencv-viz3.2 libopencv-contrib-dev libopencv-contrib3.2 libopencv3.2-java libopencv3.2-jni python-opencv python3-opencv
Architecture: source
Version: 3.2.0+dfsg-5ubuntu1
Distribution: disco
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Description:
libopencv-calib3d-dev - development files for libopencv-calib3d3.2
libopencv-calib3d3.2 - computer vision Camera Calibration library
libopencv-contrib-dev - development files for libopencv-contrib3.2
libopencv-contrib3.2 - computer vision contrlib library
libopencv-core-dev - development files for libopencv-core3.2
libopencv-core3.2 - computer vision core library
libopencv-dev - development files for opencv
libopencv-features2d-dev - development files for libopencv-features2d3.2
libopencv-features2d3.2 - computer vision Feature Detection and Descriptor Extraction libra
libopencv-flann-dev - development files for libopencv-flann3.2
libopencv-flann3.2 - computer vision Clustering and Search in Multi-Dimensional spaces
libopencv-highgui-dev - development files for libopencv-highgui3.2
libopencv-highgui3.2 - computer vision High-level GUI and Media I/O library
libopencv-imgcodecs-dev - development files for libopencv-imgcodecs3.2
libopencv-imgcodecs3.2 - computer vision Image Codecs library
libopencv-imgproc-dev - development files for libopencv-imgproc3.2
libopencv-imgproc3.2 - computer vision Image Processing library
libopencv-ml-dev - development files for libopencv-ml3.2
libopencv-ml3.2 - computer vision Machine Learning library
libopencv-objdetect-dev - development files for libopencv-objdetect3.2
libopencv-objdetect3.2 - computer vision Object Detection library
libopencv-photo-dev - development files for libopencv-photo3.2
libopencv-photo3.2 - computer vision computational photography library
libopencv-shape-dev - development files for libopencv-shape3.2
libopencv-shape3.2 - computer vision shape descriptors and matchers library
libopencv-stitching-dev - development files for libopencv-stitching3.2
libopencv-stitching3.2 - computer vision image stitching library
libopencv-superres-dev - development files for libopencv-superres3.2
libopencv-superres3.2 - computer vision Super Resolution library
libopencv-ts-dev - development files for TS library of OpenCV (Open Computer Vision)
libopencv-video-dev - development files for libopencv-video3.2
libopencv-video3.2 - computer vision Video analysis library
libopencv-videoio-dev - development files for libopencv-videoio3.2
libopencv-videoio3.2 - computer vision Video I/O library
libopencv-videostab-dev - development files for libopencv-videostab3.2
libopencv-videostab3.2 - computer vision video stabilization library
libopencv-viz-dev - development files for libopencv-viz3.2
libopencv-viz3.2 - computer vision 3D data visualization library
libopencv3.2-java - Java bindings for the computer vision library
libopencv3.2-jni - Java jni library for the computer vision library
opencv-data - development data for opencv
opencv-doc - OpenCV documentation and examples
python-opencv - Python bindings for the computer vision library
python3-opencv - Python 3 bindings for the computer vision library
Changes:
opencv (3.2.0+dfsg-5ubuntu1) disco; urgency=low
.
* Merge from Debian unstable. Remaining changes:
* SECURITY UPDATE: Out-of-bounds read/write errors and buffer
overflows in different functions.
- debian/patches/CVE-2017-several.patch: fix in bitstrm.cpp,
bitstrm.hpp, grfmt_bmp.cpp, grfmt_pxm.cpp, loadsave.cpp,
test_grfmt.cpp and cuda_test.cpp.
- CVE-2016-1516
- CVE-2016-1517
- CVE-2017-12597
- CVE-2017-12598
- CVE-2017-12599
- CVE-2017-12600
- CVE-2017-12601
- CVE-2017-12602
- CVE-2017-12603
- CVE-2017-12604
- CVE-2017-12605
- CVE-2017-12606
- CVE-2017-12862
- CVE-2017-12863
- CVE-2017-12864
* SECURITY UPDATE: Out of bound write cause segmentation fault
- debian/patches/CVE-2017-14136.patch: fix in grfmt_bmp.cpp,
grfmt_exr.cpp, grfmt_jpeg.cpp, grfmt_jpeg2000.cpp,
grfmt_pam.cpp, grfmt_sunras.cpp, utils.cpp and utils.hpp.
- CVE-2017-14136
* SECURITY UPDATE: Buffer Overflow in the cv::PxMDecoder::readData
function in grfmt_pxm.cpp
- debian/patches/CVE-2017-17760.patch: fix in grfmt_pxm.cpp.
- CVE-2017-17760
* SECURITY UPDATE: Integer overflow may lead to remote execution or
denial of service
- debian/patches/CVE-2017-1000450.patch: fix in grfmt_bmp.cpp.
- CVE-2017-1000450
* SECURITY UPDATE: A heap-based buffer overflow happens in
cv::Jpeg2KDecoder::readComponent8u when parsing a crafted image file
- debian/patches/CVE-2018-5268.patch: fix in grfmt_jpeg2000.cpp.
- CVE-2018-5268
* SECURITY UPDATE: an assertion failure happens in
cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because
of an incorrect integer cast.
- debian/patches/CVE-2018-5269.patch: add overflow checks.
- CVE-2018-5269
Checksums-Sha1:
96e3b34a23dfbad36ee745fd1f6cebff2c7f077f 5992 opencv_3.2.0+dfsg-5ubuntu1.dsc
0be98eff1041b262f92921d7310b6e7385a9c6bb 38788 opencv_3.2.0+dfsg-5ubuntu1.debian.tar.xz
10b45171a59b07cbca6a80efacaa34ede86bb7d3 20800 opencv_3.2.0+dfsg-5ubuntu1_source.buildinfo
Checksums-Sha256:
11d4b3523ca528e3abaf90552dc18039484d3207ea1bbf7966fa97b4b6549885 5992 opencv_3.2.0+dfsg-5ubuntu1.dsc
33a2ac764df306ea1b40ceb0fe7fd4701143343f38cdc5131f69cab607a563a9 38788 opencv_3.2.0+dfsg-5ubuntu1.debian.tar.xz
c14cc112be014c51e4719db0033d973031f4d17a5c05387b8ebf225ae0d43a01 20800 opencv_3.2.0+dfsg-5ubuntu1_source.buildinfo
Files:
406ccb9d8133586ce6e3df2225918cf3 5992 devel optional opencv_3.2.0+dfsg-5ubuntu1.dsc
d7a10535b8d667c4697e4a941225f7ec 38788 devel optional opencv_3.2.0+dfsg-5ubuntu1.debian.tar.xz
d660032fec5529d6d3d92185ca7323d6 20800 devel optional opencv_3.2.0+dfsg-5ubuntu1_source.buildinfo
Original-Maintainer: Debian Science Team <debian-science-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAlv+4EwACgkQ808JdE6f
XdlZLg/8DKyBWbR76ldget+wuGapOxSrHo9Xi9V6CqTfuNA4hv7bm1yHlW2YyviC
C13E1EAiqMJgBvxACJMi3GYlROgjlCB2fBiA3iuC0/9j4yuoZOr6hBE4BNxJsW6m
ScQ77Gr+x+FvNF2wKwGUR6VJGs8woy2Su3hH0+8AdiRLq004mW99tatCT1pF4sN1
UpgwkFkfVxasS3nvQIKvrnc8/QBJVgTab+bBz3qNCJov+HpZnVX1pWYWlSFSjIIF
cB6GuUOJVQz4tUG3pUhApp57aWazC26aLWm9h1IGGaDI48U6t9/XdOMuz20WD4ek
0CpN/FpqhGhGOZDxR0sy8T8nVYKscUrGvBADvaOUoL1QBgP2kZFYDwjh3/DIV2qt
T67xELByCJs70UMc+zeEofLzQ95wIkSiRAchTEIiy0xzR9PRv4PK5cp6Uv+It5kJ
aoVx6SL7vDX28OI262cDbD+lggH76WfgapihifivvEJvIfMVwhBsib3DQE04Ggz+
ci70Nux7mazAPYuj409r+gNI9F8alt6DVtU250gi+mKuprsbFK58j+az6UDFMjym
jpW5TdqP1PAac398Kit5UeAix3aAPuNN0beb6/NHXcFmPTYt326BtZNOMQPzJh5P
HRBLtYRymHsPWLbJ8b4+rvRifl/EJ5lx20BbfhSH+LmwXJ2B9LA=
=Nt12
-----END PGP SIGNATURE-----
More information about the Disco-changes
mailing list