Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2020-0030)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2020.0030

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2020-0030)

Zusammenfassung: The remote host is missing an update for the 'opencv' package(s) announced via the MGASA-2020-0030 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'opencv' package(s) announced via the MGASA-2020-0030 advisory.

Vulnerability Insight:
The updated packages fix security vulnerabilities:

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1.
There is an out of bounds read in the function cv::predictOrdered
in modules/objdetect/src/cascadedetect.hpp, which
leads to denial of service. (CVE-2019-14491)

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1.
There is an out of bounds read/write in the function HaarEvaluator::
OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which
leads to denial of service. (CVE-2019-14492)

An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error
in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
(CVE-2019-15939)

Affected Software/OS:
'opencv' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-14491
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/
https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
https://github.com/opencv/opencv/compare/371bba8...ddbd10c
https://github.com/opencv/opencv/issues/15125
SuSE Security Announcement: openSUSE-SU-2019:2671 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-14492
https://github.com/opencv/opencv/issues/15124
Common Vulnerability Exposure (CVE) ID: CVE-2019-15939
https://github.com/OpenCV/opencv/issues/15287
https://github.com/opencv/opencv/pull/15382
https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2020.0030
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2020-0030)
Zusammenfassung:	The remote host is missing an update for the 'opencv' package(s) announced via the MGASA-2020-0030 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'opencv' package(s) announced via the MGASA-2020-0030 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. (CVE-2019-14491) An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator:: OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. (CVE-2019-14492) An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp. (CVE-2019-15939) Affected Software/OS: 'opencv' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14491 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/ https://github.com/opencv/opencv/compare/33b765d...4a7ca5a https://github.com/opencv/opencv/compare/371bba8...ddbd10c https://github.com/opencv/opencv/issues/15125 SuSE Security Announcement: openSUSE-SU-2019:2671 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2019-14492 https://github.com/opencv/opencv/issues/15124 Common Vulnerability Exposure (CVE) ID: CVE-2019-15939 https://github.com/OpenCV/opencv/issues/15287 https://github.com/opencv/opencv/pull/15382 https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
Copyright	Copyright (C) 2022 Greenbone AG