Описание
Security update for opencv
This update for opencv fixes the following issues:
Security issues fixed:
- CVE-2019-14491: Fixed an out of bounds read in the function cv:predictOrderedcv:HaarEvaluator, leading to DOS (bsc#1144352).
- CVE-2019-14492: Fixed an out of bounds read/write in the function HaarEvaluator:OptFeature:calc, which leads to denial of service (bsc#1144348).
- CVE-2019-15939: Fixed a divide-by-zero error in cv:HOGDescriptor:getDescriptorSize (bsc#1149742).
Non-security issue fixed:
- Fixed an issue in opencv-devel that broke builds with 'No rule to make target opencv_calib3d-NOTFOUND' (bsc#1154091).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP1
python2-opencv-3.3.1-6.6.1
python3-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2
python2-opencv-3.3.1-6.6.1
python3-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Workstation Extension 15 SP2
libopencv3_3-3.3.1-6.6.1
opencv-3.3.1-6.6.1
opencv-devel-3.3.1-6.6.1
Ссылки
- Link for SUSE-SU-2019:3192-2
- E-Mail link for SUSE-SU-2019:3192-2
- SUSE Security Ratings
- SUSE Bug 1144348
- SUSE Bug 1144352
- SUSE Bug 1149742
- SUSE Bug 1154091
- SUSE CVE CVE-2019-14491 page
- SUSE CVE CVE-2019-14492 page
- SUSE CVE CVE-2019-15939 page
Описание
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP1:python2-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP1:python3-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2:python2-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2:python3-opencv-3.3.1-6.6.1
Ссылки
- CVE-2019-14491
- SUSE Bug 1144348
- SUSE Bug 1144352
Описание
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP1:python2-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP1:python3-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2:python2-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2:python3-opencv-3.3.1-6.6.1
Ссылки
- CVE-2019-14492
- SUSE Bug 1144348
- SUSE Bug 1144352
Описание
An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP1:python2-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP1:python3-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2:python2-opencv-3.3.1-6.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2:python3-opencv-3.3.1-6.6.1
Ссылки
- CVE-2019-15939
- SUSE Bug 1149742