Hello community, here is the log from the commit of package opencv3 for openSUSE:Factory checked in at 2019-11-06 13:48:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/opencv3 (Old) and /work/SRC/openSUSE:Factory/.opencv3.new.2990 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "opencv3" Wed Nov 6 13:48:16 2019 rev:4 rq:744503 version:3.4.7 Changes: -------- --- /work/SRC/openSUSE:Factory/opencv3/opencv3.changes 2019-09-25 00:48:15.445898355 +0200 +++ /work/SRC/openSUSE:Factory/.opencv3.new.2990/opencv3.changes 2019-11-06 13:48:21.415652400 +0100 @@ -1,0 +2,12 @@ +Thu Oct 17 16:34:57 UTC 2019 - Michael Gorse <mgo...@suse.com> + +- Update to 3.4.7 + Maintenance release, no changelog provided + * Security fixes: CVE-2019-14491 (boo#1144352), CVE-2019-14492 + (boo#1144348). +- Drop fix_processor_detection_for_32bit_on_64bit.patch: fixed + upstream. +- Add CVE-2019-15939.patch: add input check in HOG detector + (boo#1149742 CVE-2019-15939). + +------------------------------------------------------------------- Old: ---- fix_processor_detection_for_32bit_on_64bit.patch opencv-3.4.6.tar.gz opencv_contrib-3.4.6.tar.gz New: ---- CVE-2019-15939.patch opencv-3.4.7.tar.gz opencv_contrib-3.4.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ opencv3.spec ++++++ --- /var/tmp/diff_new_pack.XplmVD/_old 2019-11-06 13:48:26.139657520 +0100 +++ /var/tmp/diff_new_pack.XplmVD/_new 2019-11-06 13:48:26.187657573 +0100 @@ -33,7 +33,7 @@ %bcond_without openblas Name: opencv3 -Version: 3.4.6 +Version: 3.4.7 Release: 0 Summary: Collection of algorithms for computer vision # GPL-2.0 AND Apache-2.0 files are in 3rdparty/ittnotify which is not build 
@@ -49,8 +49,8 @@ Patch1: opencv-build-compare.patch # PATCH-FIX-OPENSUSE 0001-Do-not-include-glx.h-when-using-GLES.patch -- Fix build error on 32bit ARM, due to incompatible pointer types, https://github.com/opencv/opencv/issues/9171 Patch2: 0001-Do-not-include-glx.h-when-using-GLES.patch -# PATCH-FIX-UPSTREAM fix_processor_detection_for_32bit_on_64bit.patch -- Fix CPU detection for 32bit build on qemu-system-aarch64 -Patch3: fix_processor_detection_for_32bit_on_64bit.patch +# PATCH-FIX-UPSTREAM CVE-2019-15939.patch boo#1149742 mgo...@suse.com -- add input check in HOG detector. +Patch3: CVE-2019-15939.patch BuildRequires: cmake BuildRequires: fdupes BuildRequires: libeigen3-devel ++++++ CVE-2019-15939.patch ++++++ >From 5a497077f109d543ab86dfdf8add1c76c0e47d29 Mon Sep 17 00:00:00 2001 From: Alexander Alekhin <alexander.alek...@intel.com> Date: Fri, 23 Aug 2019 16:14:53 +0300 Subject: [PATCH] objdetect: add input check in HOG detector --- modules/objdetect/src/hog.cpp | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/modules/objdetect/src/hog.cpp b/modules/objdetect/src/hog.cpp index 9524851ee..378bab308 100644 --- a/modules/objdetect/src/hog.cpp +++ b/modules/objdetect/src/hog.cpp @@ -68,6 +68,7 @@ enum {DESCR_FORMAT_COL_BY_COL, DESCR_FORMAT_ROW_BY_ROW}; static int numPartsWithin(int size, int part_size, int stride) { + CV_Assert(stride != 0); return (size - part_size + stride) / stride; } 
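Review bot: The new `Patch3: CVE-2019-15939.patch` line reuses the slot of the dropped patch, and the `%prep` section that applies it lies outside this hunk, so the hunk does not show that the security fix is actually applied. The patch carries git-style `a/` and `b/` path prefixes, so the matching `%patch3` line needs `-p1` (or the spec needs `%autosetup -p1` / `%autopatch -p1`). A strip level inherited from the dropped patch would need confirming, for instance by checking the build log for the patch being applied to `modules/objdetect/src/hog.cpp`.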
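Review bot: `CV_Assert(stride != 0)` in `numPartsWithin` stops the division by zero but still accepts a negative stride, for which `(size - part_size + stride) / stride` returns a count that means nothing to the callers. A stride is a step size, so `CV_Assert(stride > 0);` would reject both cases with the same one-line check. The last hunk of this patch shows that `blockStride` can come from a file through `read()`, so a short comment here such as `// stride may originate from a loaded descriptor; must be positive` would record why the check exists.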
@@ -80,13 +81,17 @@ static Size numPartsWithin(cv::Size size, cv::Size part_size, static size_t getBlockHistogramSize(Size block_size, Size cell_size, int nbins) { + CV_Assert(!cell_size.empty()); Size cells_per_block = Size(block_size.width / cell_size.width, - block_size.height / cell_size.height); + block_size.height / cell_size.height); return (size_t)(nbins * cells_per_block.area()); } size_t HOGDescriptor::getDescriptorSize() const { + CV_Assert(!cellSize.empty()); + CV_Assert(!blockStride.empty()); + CV_Assert(blockSize.width % cellSize.width == 0 && blockSize.height % cellSize.height == 0); CV_Assert((winSize.width - blockSize.width) % blockStride.width == 0 && 
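Review bot: `getBlockHistogramSize` now guards `cell_size` but still returns `(size_t)(nbins * cells_per_block.area())` without checking `nbins` or `block_size`. A negative product is turned into a very large size by the cast, and a zero product gives an empty histogram size that later code may not expect. I would add `CV_Assert(nbins > 0 && !block_size.empty());` next to the new check. The last hunk validates `nbins` inside `read()`, but that covers only descriptors loaded from a file, not values set some other way. The body of `getDescriptorSize` continues past the end of this hunk, so it is not visible here whether `winSize` and `blockSize` receive equivalent checks further down.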
@@ -144,20 +149,20 @@ bool HOGDescriptor::read(FileNode& obj) if( !obj.isMap() ) return false; FileNodeIterator it = obj["winSize"].begin(); - it >> winSize.width >> winSize.height; + it >> winSize.width >> winSize.height; CV_Assert(!winSize.empty()); it = obj["blockSize"].begin(); - it >> blockSize.width >> blockSize.height; + it >> blockSize.width >> blockSize.height; CV_Assert(!blockSize.empty()); it = obj["blockStride"].begin(); - it >> blockStride.width >> blockStride.height; + it >> blockStride.width >> blockStride.height; CV_Assert(!blockStride.empty()); it = obj["cellSize"].begin(); - it >> cellSize.width >> cellSize.height; - obj["nbins"] >> nbins; + it >> cellSize.width >> cellSize.height; CV_Assert(!cellSize.empty()); + obj["nbins"] >> nbins; CV_Assert(nbins > 0); obj["derivAperture"] >> derivAperture; obj["winSigma"] >> winSigma; obj["histogramNormType"] >> histogramNormType; obj["L2HysThreshold"] >> L2HysThreshold; obj["gammaCorrection"] >> gammaCorrection; - obj["nlevels"] >> nlevels; + obj["nlevels"] >> nlevels; CV_Assert(nlevels > 0); if (obj["signedGradient"].empty()) signedGradient = false; else -- 2.23.0 ++++++ opencv-3.4.6.tar.gz -> opencv-3.4.7.tar.gz ++++++ /work/SRC/openSUSE:Factory/opencv3/opencv-3.4.6.tar.gz /work/SRC/openSUSE:Factory/.opencv3.new.2990/opencv-3.4.7.tar.gz differ: char 14, line 1 ++++++ opencv_contrib-3.4.6.tar.gz -> opencv_contrib-3.4.7.tar.gz ++++++ /work/SRC/openSUSE:Factory/opencv3/opencv_contrib-3.4.6.tar.gz /work/SRC/openSUSE:Factory/.opencv3.new.2990/opencv_contrib-3.4.7.tar.gz differ: char 26, line 1
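Review bot: Each new `CV_Assert` in `HOGDescriptor::read` fires after the value has already been streamed into the member, so a rejected file leaves the descriptor holding some fields from the file and the rest from before the call. The function also still returns `bool` (`return false` for a non-map node) while non-positive sizes now raise through `CV_Assert`, so callers that only test the return value face two different failure modes. I would document both on the function, e.g. `// Throws cv::Exception on non-positive sizes, nbins or nlevels; *this may be partially updated on failure`. Reading into locals and assigning the members only after every check passes would remove the partial update. `read` starts and ends outside this hunk.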