UbuntuUpdates.org

Package "opencv"

Name: opencv

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Translation package for libcv-dev
  • computer vision library - libcv* translation package
  • Translation package for libcvaux-dev
  • computer vision library - libcvaux translation package
Latest version: 2.4.9.1+dfsg-1.5ubuntu1.1
Release: xenial (16.04)
Level: updates
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "opencv" in Xenial

Repository Area Version
base universe 2.4.9.1+dfsg-1.5ubuntu1
security universe 2.4.9.1+dfsg-1.5ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4.9.1+dfsg-1.5ubuntu1.1 2018-09-19 13:07:02 UTC

  opencv (2.4.9.1+dfsg-1.5ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read/write errors and buffer
    overflows in different functions.
    - debian/patches/CVE-2017-several.patch: fix in bitstrm.cpp,
      bitstrm.hpp, grfmt_bmp.cpp, grfmt_pxm.cpp, loadsave.cpp,
      test_grfmt.cpp and gpu_test.cpp.
    - CVE-2016-1516
    - CVE-2016-1517
    - CVE-2017-12597
    - CVE-2017-12598
    - CVE-2017-12599
    - CVE-2017-12600
    - CVE-2017-12601
    - CVE-2017-12602
    - CVE-2017-12603
    - CVE-2017-12604
    - CVE-2017-12605
    - CVE-2017-12606
    - CVE-2017-12862
    - CVE-2017-12863
    - CVE-2017-12864
  * SECURITY UPDATE: Out of bound write cause segmentation fault
    - debian/patches/CVE-2017-14136.patch: fix in grfmt_bmp.cpp,
      grfmt_exr.cpp, grfmt_jpeg.cpp, grfmt_jpeg2000.cpp,
      grfmt_sunras.cpp, utils.cpp and utils.hpp.
    - CVE-2017-14136
  * SECURITY UPDATE: Buffer Overflow in the cv::PxMDecoder::readData
    function in grfmt_pxm.cpp
    - debian/patches/CVE-2017-17760.patch: fix in grfmt_pxm.cpp.
    - CVE-2017-17760
  * SECURITY UPDATE: Integer overflow may lead to remote execution or
    denial of service
    - debian/patches/CVE-2017-1000450.patch: fix in grfmt_bmp.cpp.
    - CVE-2017-1000450
  * SECURITY UPDATE: A heap-based buffer overflow happens in
    cv::Jpeg2KDecoder::readComponent8u when parsing a crafted image file
    - debian/patches/CVE-2018-5268.patch: fix in grfmt_jpeg2000.cpp.
    - CVE-2018-5268
  * SECURITY UPDATE: an assertion failure happens in
    cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because
    of an incorrect integer cast.
    - debian/patches/CVE-2018-5269.patch: add overflow checks.
    - CVE-2018-5269

 -- Eduardo Barretto <email address hidden> Mon, 10 Sep 2018 18:14:39 -0300
CVE-2016-1516 OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.
CVE-2016-1517 OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.
CVE-2017-12597 OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an
CVE-2017-12598 OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcod
CVE-2017-12599 OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an ima
CVE-2017-12600 OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-ex
CVE-2017-12601 OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfm
CVE-2017-12602 OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-mem
CVE-2017-12603 OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bit
CVE-2017-12604 OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an i
CVE-2017-12605 OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an
CVE-2017-12606 OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an
CVE-2017-12862 In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If
CVE-2017-12863 In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from r
CVE-2017-12864 In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is
CVE-2017-14136 OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image fi
CVE-2017-17760 OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.
CVE-2017-1000450 In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow.
CVE-2018-5268 In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing
CVE-2018-5269 In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.


About   -   Send Feedback to @ubuntu_updates