[Git][security-tracker-team/security-tracker][master] Mark open CVEs for opencv as no-dsa

Salvatore Bonaccorso carnil at debian.org
Sun Jan 5 20:23:32 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
195a570f by Salvatore Bonaccorso at 2020-01-05T21:22:41+01:00
Mark open CVEs for opencv as no-dsa

Those are fairly minor and can be issued to be fixed via a scheduled
point release.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7858,6 +7858,7 @@ CVE-2019-19625 (SROS 2 0.8.1 (which provides the tools that generate and distrib
 	NOT-FOR-US: SROS
 CVE-2019-19624 (An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifica ...)
 	- opencv 4.1.2+dfsg-3
+	[buster] - opencv <no-dsa> (Minor issue; can be fixed via point release)
 	[stretch] - opencv <not-affected> (Vulnerable code introduced later)
 	[jessie] - opencv <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418
@@ -26832,12 +26833,16 @@ CVE-2019-14493 (An issue was discovered in OpenCV before 4.1.1. There is a NULL
 CVE-2019-14492 (An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. T ...)
 	[experimental] - opencv 4.1.1+dfsg-1
 	- opencv 4.1.2+dfsg-3
+	[buster] - opencv <no-dsa> (Minor issue; can be fixed via point release)
+	[stretch] - opencv <no-dsa> (Minor issue; can be fixed via point release)
 	[jessie] - opencv <postponed> (Minor issue, DoS, PoC not crashing)
 	NOTE: https://github.com/opencv/opencv/issues/15124
 	NOTE: https://github.com/opencv/opencv/commit/ac425f67e4c1d0da9afb9203f0918d8d57c067ed
 CVE-2019-14491 (An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. T ...)
 	[experimental] - opencv 4.1.1+dfsg-1
 	- opencv 4.1.2+dfsg-3
+	[buster] - opencv <no-dsa> (Minor issue; can be fixed via point release)
+	[stretch] - opencv <no-dsa> (Minor issue; can be fixed via point release)
 	[jessie] - opencv <postponed> (Minor issue, DoS, PoC not crashing)
 	NOTE: https://github.com/opencv/opencv/issues/15125
 	NOTE: https://github.com/opencv/opencv/commit/ac425f67e4c1d0da9afb9203f0918d8d57c067ed



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/195a570fe21e48f942229b4ec4dd67188fc2ddfd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/195a570fe21e48f942229b4ec4dd67188fc2ddfd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200105/63ebfb3e/attachment.html>

More information about the debian-security-tracker-commits mailing list