Source: opencv Version: 2.4.9.1+dfsg1-2 Severity: important Tags: upstream security Forwarded: https://github.com/opencv/opencv/issues/5956
Hi, the following vulnerabilities were published for opencv. CVE-2016-1516[0]: | OpenCV 3.0.0 has a double free issue that allows attackers to execute | arbitrary code. CVE-2016-1516[1]: | OpenCV 3.0.0 has a double free issue that allows attackers to execute | arbitrary code. Unfortunately the reporters are not helping out upstream to identify the issues, and after several pings still not replies. Filling this bug so we are able to track in Debian the status about those issues in the BTS. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-1516 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1516 [1] https://security-tracker.debian.org/tracker/CVE-2016-1516 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1516 Please adjust the affected versions in the BTS as needed, none versions were really testable. The report mentions 3.0.0 but might affect any version. Regards, Salvatore -- debian-science-maintainers mailing list debian-science-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-science-maintainers
