-
opencv (2.4.9.1+dfsg-1.5ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read/write errors and buffer
overflows in different functions.
- debian/patches/CVE-2017-several.patch: fix in bitstrm.cpp,
bitstrm.hpp, grfmt_bmp.cpp, grfmt_pxm.cpp, loadsave.cpp,
test_grfmt.cpp and gpu_test.cpp.
- CVE-2016-1516
- CVE-2016-1517
- CVE-2017-12597
- CVE-2017-12598
- CVE-2017-12599
- CVE-2017-12600
- CVE-2017-12601
- CVE-2017-12602
- CVE-2017-12603
- CVE-2017-12604
- CVE-2017-12605
- CVE-2017-12606
- CVE-2017-12862
- CVE-2017-12863
- CVE-2017-12864
* SECURITY UPDATE: Out of bound write cause segmentation fault
- debian/patches/CVE-2017-14136.patch: fix in grfmt_bmp.cpp,
grfmt_exr.cpp, grfmt_jpeg.cpp, grfmt_jpeg2000.cpp,
grfmt_sunras.cpp, utils.cpp and utils.hpp.
- CVE-2017-14136
* SECURITY UPDATE: Buffer Overflow in the cv::PxMDecoder::readData
function in grfmt_pxm.cpp
- debian/patches/CVE-2017-17760.patch: fix in grfmt_pxm.cpp.
- CVE-2017-17760
* SECURITY UPDATE: Integer overflow may lead to remote execution or
denial of service
- debian/patches/CVE-2017-1000450.patch: fix in grfmt_bmp.cpp.
- CVE-2017-1000450
* SECURITY UPDATE: A heap-based buffer overflow happens in
cv::Jpeg2KDecoder::readComponent8u when parsing a crafted image file
- debian/patches/CVE-2018-5268.patch: fix in grfmt_jpeg2000.cpp.
- CVE-2018-5268
* SECURITY UPDATE: an assertion failure happens in
cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because
of an incorrect integer cast.
- debian/patches/CVE-2018-5269.patch: add overflow checks.
- CVE-2018-5269
-- Eduardo Barretto <email address hidden> Mon, 10 Sep 2018 18:14:39 -0300
-
opencv (2.4.9.1+dfsg-1.5ubuntu1) xenial; urgency=medium
* Merge from Debian unstable. Remaining changes:
- debian/rules: Don't build OpenGL on armhf since it's not useful there.
opencv (2.4.9.1+dfsg-1.5) unstable; urgency=medium
* Non-maintainer upload.
* Do not use precompiled headers (Closes: #818450)
opencv (2.4.9.1+dfsg-1.4) unstable; urgency=medium
* Non-maintainer upload.
[ Andreas Cadhalpun ]
* Fix build with ffmpeg 3.0. (Closes: #803847)
-- Logan Rosen <email address hidden> Fri, 08 Apr 2016 14:13:33 +0000
-
opencv (2.4.9.1+dfsg-1.3ubuntu1) xenial; urgency=low
* Merge from Debian unstable. Remaining changes:
- In debian/rules don't build OpenGL on armhf; not useful there
opencv (2.4.9.1+dfsg-1.3) UNRELEASED; urgency=medium
* Non-maintainer upload.
* Refresh debian/patches:
- Update change_type_from_int_to_Atomic_word to fix
FTBFS on sparc64. (Closes: #714923)
- Re-add fix_without_sysctl.patch to fix FTBFS on x32. (Closes: #792264)
-- Steve Langasek <email address hidden> Thu, 11 Feb 2016 08:26:56 -0800
-
opencv (2.4.9.1+dfsg-1.2ubuntu1) xenial; urgency=low
* Merge from Debian unstable. Remaining changes:
- In debian/rules don't build OpenGL on armhf; not useful there
* Dropped changes:
- re-enable precompiled headers on arm64. According to the changelog
this was meant to have been done in version 2.4.9+dfsg-1ubuntu4 in
utopic, but we were still disabling them in debian/rules.
- opencv-data breaks libopencv-dev (<= 2.4.6.1+dfsg-2ubuntu1); the
difference in versions no longer matters for upgrades from trusty
(unaffected) or precise (matches Debian breaks).
- drop buggy self build-dependency on libopencv-ml-dev.
- add libopencv-ocl-dev to libcv-dev depends: dropped, no rationale was
given for this divergence from Debian.
* Dropped changes, included in Debian:
- Build-depend on libtbb-dev on ppc64el.
- Rename library packages for g++5 ABI transition.
opencv (2.4.9.1+dfsg-1.2) unstable; urgency=medium
* Non-maintainer upload.
* Rename library packages for g++5 ABI transition.
Patch provided by Matthias Klose. (Closes: #791226)
* Remove Lintian overrides from Matthias' patch, current Lintian accepts
v5 package names as-is.
* Build-depend on the version of openexr that started its transition.
* Add patch to stop checking the version of sphinx-build (which makes
no difference anyway), fixing arch-indep build (#792715; not closing
that bug here because it is unclear whether it is considered to be a
sphinx bug).
* Deliberately not addressing #794856 in this upload, since it requires
repacking the orig.tar and is not a regression.
opencv (2.4.9.1+dfsg-1.1) unstable; urgency=medium
* Non-maintainer upload.
[ Bernhard Übelacker ]
* Build with -march=i586 instead of -march=i686 on i386. (Closes: #784647)
opencv (2.4.9.1+dfsg-1) unstable; urgency=medium
* New upstream release.
* Add support ppc64el. (Closes: #754094)
-- Steve Langasek <email address hidden> Sun, 01 Nov 2015 11:05:04 -0800
-
opencv (2.4.9+dfsg-1ubuntu6) wily; urgency=medium
* Fix up various package interdependencies for the binary renames.
-- Steve Langasek <email address hidden> Thu, 06 Aug 2015 07:19:57 +0000
