projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cc9a4ac)
package/opencv3: security bump to version 3.4.9
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Sat, 11 Jan 2020 16:02:53 +0000 (17:02 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Sat, 11 Jan 2020 21:39:07 +0000 (22:39 +0100)
- Fix CVE-2019-14491: An issue was discovered in OpenCV before 3.4.7
  and 4.x before 4.1.1. There is an out of bounds read in the function
  cv::predictOrdered<cv::HaarEvaluator> in
  modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
- Fix CVE-2019-14492: An issue was discovered in OpenCV before 3.4.7
  and 4.x before 4.1.1. There is an out of bounds read/write in the
  function HaarEvaluator::OptFeature::calc in
  modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
- atomic workaround is not needed since version 3.4.8 and
  https://github.com/opencv/opencv/commit/464972855e25f71667009b8fe88092d11aab0297
- Update hash of license file (Xperience.AI added:
  https://github.com/opencv/opencv/commit/766465ce9483c20d54bfce422d285c077f6502bd)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/opencv3/opencv3.hash patch | blob | history
package/opencv3/opencv3.mk patch | blob | history

diff --git a/package/opencv3/opencv3.hash b/package/opencv3/opencv3.hash
index 0b88b52da584ed8f179e277684a5eb11ddf0a051..4953d01a1c0b07340454cbf0b963b23160fcfcd8 100644 (file)
--- a/package/opencv3/opencv3.hash
+++ b/package/opencv3/opencv3.hash
@@ -1,3 +1,3 @@
 # Locally calculated
-sha256 e7d311ff97f376b8ee85112e2b536dbf4bdf1233673500175ed7cf21a0089f6d  opencv3-3.4.6.tar.gz
-sha256 488b640f88bc72a1f9bbb985bde8352ed8826b863f0b3e14f7038c44bf95d6bc  LICENSE
+sha256 b7ea364de7273cfb3b771a0d9c111b8b8dfb42ff2bcd2d84681902fb8f49892a  opencv3-3.4.9.tar.gz
+sha256 c3596f2f886631ac49af2c9a201ca559f850bb5726bdc25eacbe2369a70caad9  LICENSE
diff --git a/package/opencv3/opencv3.mk b/package/opencv3/opencv3.mk
index d38107f6e796a8e45c15d110419d0a00014886fb..4ddd80723f602b480af88d27ba6b98159d4e888e 100644 (file)
--- a/package/opencv3/opencv3.mk
+++ b/package/opencv3/opencv3.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENCV3_VERSION = 3.4.6
+OPENCV3_VERSION = 3.4.9
 OPENCV3_SITE = $(call github,opencv,opencv,$(OPENCV3_VERSION))
 OPENCV3_INSTALL_STAGING = YES
 OPENCV3_LICENSE = BSD-3-Clause
@@ -13,11 +13,6 @@ OPENCV3_SUPPORTS_IN_SOURCE_BUILD = NO
 
 OPENCV3_CXXFLAGS = $(TARGET_CXXFLAGS)
 
-# Uses __atomic_fetch_add_4
-ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
-OPENCV3_CXXFLAGS += -latomic
-endif
-
 # Fix c++11 build with missing std::exception_ptr
 ifeq ($(BR2_TOOLCHAIN_HAS_GCC_BUG_64735),y)
 OPENCV3_CXXFLAGS += -DCV__EXCEPTION_PTR=0