GNU bug report logs - #47622
vigra package is vulnerable to CVE-2021-30046

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Tue, 6 Apr 2021 17:22:01 UTC

Severity: normal

Tags: security

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: bug-guix <at> gnu.org
Subject: vigra package is vulnerable to CVE-2021-30046
Date: Tue, 06 Apr 2021 19:21:48 +0200

[Message part 1 (text/plain, inline)]

CVE-2021-30046	15:15
VIGRA Computer Vision Library Version-1-11-1 contains a segmentation
fault vulnerability in the impex.hxx read_image_band() function, in
which a crafted file can cause a denial of service.

Upstream issue: https://github.com/ukoethe/vigra/issues/494

No fix provided yet.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 4 years and 130 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #47622 vigra package is vulnerable to CVE-2021-30046

GNU bug report logs - #47622
vigra package is vulnerable to CVE-2021-30046