vigra package is vulnerable to CVE-2021-30046

OpenSubmitted by Léo Le Bouter.
Details
One participant
  • Léo Le Bouter
Owner
unassigned
Severity
normal
L
L
Léo Le Bouter wrote on 6 Apr 2021 19:21
(address . bug-guix@gnu.org)
49b8011d527a93437436f0e9039f638e6f9a7f12.camel@zaclys.net
CVE-2021-30046 15:15
VIGRA Computer Vision Library Version-1-11-1 contains a segmentation
fault vulnerability in the impex.hxx read_image_band() function, in
which a crafted file can cause a denial of service.


No fix provided yet.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBsmKwACgkQRaix6GvN
EKb12hAAtIgtQdZJxe22xEavnOd2vU/0g1B7BZZ8R55mb8nr4Ds74k4k+ZTyRQrp
a3S8If7l9Pz64xC7lZKzlxKEapGzCTeH+sI+jYcB5vI2DDwLF4Eqeq31KhrMA/Ki
dvoDmSA7AKWRHDDz+hUqzp655fgIGw4t9YG4+gEg3BQOCeG72Q+Hh1sko6VOOiky
j69c/mq8qzQDcG41iVw5SyK6iFafyONz5urMzzfe0D/C0HRFhlYB5+mZ5a3orzye
Q/t5i2fn7fm1q7x07i3/OLqeMtrPrtBQ1SK13rCNXKUaRQtRLwMu84VNCQ6qXoC1
Q7+ahuN8pzDSux6er0bQtKE1DL38nV7RSfyjo+q4dBSKJeotN9V5ZcyMySWUkosz
6uWJh8PX1ZKcAfLKDDujI+sTB8VUQD5RQFNZV1fni1tsNJIBWYgynvmCSWOoHRan
wJM98nVFkejAvDJvOFd2o6VEGOsWVS1qrIlGAc8r3Sk76V3IxLE+eaKpv+VMHalz
B5Vy2F2CT8x4oMe7XMBV0Lbpw/GgtQ03mIXlMWUFIJbrI3ZMKBclornXI8Itw2vH
Hk3wPMLAjwYDpRl+Lv2C88s6OBGSzvUDbgbJ8pTi7YGVnKoJoWqQ6137kxT337PA
NmIWzBqfHxIrYaGgs4o4lp8C1M9yHsZxMXnD2MgC6GSQjjhkcek=
=GhRa
-----END PGP SIGNATURE-----


L
L
Léo Le Bouter wrote on 6 Apr 2021 19:22
(address . control@debbugs.gnu.org)
39f093453400486423e834d1f1ba7e924973d959.camel@zaclys.net
tags 47622 + security
quit
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBsmPEACgkQRaix6GvN
EKZUahAAmwN90pj7Qz5hSsAG3iqTD3qMgRbTya/ckE3gX/Gf3GFSc9cK+73jteUy
+gj0jMnSFymuEkGaTsHFGY9N7xOlVnEGrAAXpBEmWlRYOZIu3ngXwIkYI1QQqe5I
asJIN4PVT0XXjsVREvmCjPW4Ij+CW0Wcu9FuikQPAQwtKZTj2KhMItITduDp9/9k
O2cLbmrdcji8o4OAyNv0w09hUx9CMUIbmAm1h9DCKZIJ+kqqvZhUaLWqqCttem9B
/KbthvMswtHxSo1O1p0Jx6aBjID4f9Jg1FmRPs38tKcZ9NNL4fu0bfrkb+SqiZZi
e7D7ybhwGy4dxyAzsfrMArH9FbFjXm6GWoHz6D4iwL4fIon3XZa5ur3fCY+UJBHl
60Xk74/6Ir9yvYuQL9Z9/YEjXbXGhveQbOiPXnBYUB4z9PyVnCKg1MsBKL1oNEyk
u9WHX4m3uQSULep2suAVQOlFMrg+G9hKZXAOFl8DLm+AFuhZk/8pqkNFECAwNWDP
0Z0LkcAXNVkpkgxZaHAjhdwVgB0Gf5O6HrqvIi0VB1TWbXZqDgrxF42E4HG6QH+Z
EI8pGJXMURdf9aJ/vJETp8UzAWKsR2LN2U9DjliuostCmzYuA7D/B9oU5favZCmM
2nNy7YwfQlTV3d4Qh5DjncN+ISehKM/YnuBjC7Rd29SB7tO16LQ=
=YSjm
-----END PGP SIGNATURE-----


?