OpenCV: Multiple vulnerabilities — GLSA 201712-02

Multiple vulnerabilities have been discovered in OpenCV, the worst of which may result in a denial of service condition.

Affected Packages

media-libs/opencv on all architectures
Affected versions < 2.4.13-r3
Unaffected versions >= 2.4.13-r3

Background

OpenCV (Open Source Computer Vision Library) is an open source computer vision and machine learning software library.

Description

Multiple vulnerabilities have been discovered in OpenCV. Please review the referenced CVE identifiers for details.

Impact

An attacker can cause a denial of service condition or conduct other memory corruption attacks.

Workaround

There are no known workarounds at this time.

Resolution

All OpenCV users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-libs/opencv-2.4.13-r3"
 

References

Release Date
December 14, 2017

Latest Revision
December 14, 2017: 1

Severity
normal

Exploitable
remote

Bugzilla entries