bug#47622: vigra package is vulnerable to CVE-2021-30046

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47622: vigra package is vulnerable to CVE-2021-30046

From:	Léo Le Bouter
Subject:	bug#47622: vigra package is vulnerable to CVE-2021-30046
Date:	Tue, 06 Apr 2021 19:21:48 +0200
User-agent:	Evolution 3.34.2

CVE-2021-30046  15:15
VIGRA Computer Vision Library Version-1-11-1 contains a segmentation
fault vulnerability in the impex.hxx read_image_band() function, in
which a crafted file can cause a denial of service.

Upstream issue: https://github.com/ukoethe/vigra/issues/494

No fix provided yet.

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47622: vigra package is vulnerable to CVE-2021-30046, Léo Le Bouter <=

Prev by Date: bug#47458: Terrible UX upgrading Emacs in Guix
Next by Date: bug#33848: Store references in SBCL-compiled code are "invisible"
Previous by thread: bug#47618: "guix upgrade" and "guix package -u ." inconsistency
Next by thread: bug#47486: runc: hash mismatch
Index(es):
- Date
- Thread