[bug#30801] Add opencv

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#30801] Add opencv

From:	Ludovic Courtès
Subject:	[bug#30801] Add opencv
Date:	Fri, 11 May 2018 14:00:05 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

Hello!

Björn Höfling <address@hidden> skribis:

> On Thu, 10 May 2018 00:01:13 +0200
> address@hidden (Ludovic Courtès) wrote:

[...]

>> ‘guix lint’ reports this:
>> 
>>   gnu/packages/image-processing.scm:201:2: address@hidden: probably
>> vulnerable to CVE-2018-7712, CVE-2018-7713, CVE-2018-7714
>> 
>> Could you take a look?  It could be that 3.4.2 is around the corner
>> and we’ll just update at that point; if not, we may have to apply
>> upstream patches for these issues.
>
> While finally linting, I noticed these too. OpenCV claims this is not
> an issue:
>
> https://github.com/opencv/opencv/issues/10998
>
> Should we mention it somewhere in the code? Is there a formal process
> to hide or comment specific CVEs?

The developer’s reasoning makes sense to me (IOW, the CVEs should be
against the applications that don’t handle exceptions properly rather
than against OpenCV itself.)

You can use the ‘lint-hidden-cve’ property to explicitly hide them.
Please add a comment with the URL above as well.

Thanks,
Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#30801] Add opencv, Björn Höfling, 2018/05/07
- bug#30801: Add opencv, Ludovic Courtès, 2018/05/09
  - [bug#30801] Add opencv, Björn Höfling, 2018/05/11
    - [bug#30801] Add opencv, Ludovic Courtès <=
    - [bug#30801] Add opencv, Björn Höfling, 2018/05/12

Prev by Date: [bug#31404] Add installer support for u-boot imx6 boards.
Next by Date: [bug#31416] [PATCH 0/4] Generalize bootloader installer selection.
Previous by thread: [bug#30801] Add opencv
Next by thread: [bug#30801] Add opencv
Index(es):
- Date
- Thread