GNU bug report logs - #30801
[PATCH 0/1] Add opencv

Previous Next

Package: guix-patches;

Reported by: Björn Höfling <bjoern.hoefling <at> bjoernhoefling.de>

Date: Tue, 13 Mar 2018 16:59:01 UTC

Severity: normal

Tags: patch

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

Full log

Message #28 received at 30801-done <at> debbugs.gnu.org (full text, mbox):

From: Björn Höfling <bjoern.hoefling <at> bjoernhoefling.de>
To: ludo <at> gnu.org (Ludovic Courtès)
Cc: 30801-done <at> debbugs.gnu.org
Subject: Re: [bug#30801]  Add opencv
Date: Fri, 11 May 2018 11:51:24 +0200

[Message part 1 (text/plain, inline)]

On Thu, 10 May 2018 00:01:13 +0200
ludo <at> gnu.org (Ludovic Courtès) wrote:


> > * gnu/packages/image-processing.scm (opencv): New variable.  
> 
> Applied!

Thanks.
 
> ‘guix lint’ reports this:
> 
>   gnu/packages/image-processing.scm:201:2: opencv <at> 3.4.1: probably
> vulnerable to CVE-2018-7712, CVE-2018-7713, CVE-2018-7714
> 
> Could you take a look?  It could be that 3.4.2 is around the corner
> and we’ll just update at that point; if not, we may have to apply
> upstream patches for these issues.

While finally linting, I noticed these too. OpenCV claims this is not
an issue:

https://github.com/opencv/opencv/issues/10998

Should we mention it somewhere in the code? Is there a formal process
to hide or comment specific CVEs?


Björn

[Message part 2 (application/pgp-signature, inline)]

This bug report was last modified 7 years and 13 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #30801 [PATCH 0/1] Add opencv

GNU bug report logs - #30801
[PATCH 0/1] Add opencv