[Buildroot] [PATCH 1/1] package/opencv4: bump version to 4.8.1
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Wed Nov 8 22:32:51 UTC 2023
Hello Woodrow,
On Tue, 7 Nov 2023 10:44:24 -0500
Woodrow Douglass via buildroot <buildroot at buildroot.org> wrote:
> Also, bump package/opencv4-contrib to keep in lock-step. This should address CVE-2023-2617 and CVE-2023-2618
>
> Signed-off-by: Woodrow Douglass <wdouglass at carnegierobotics.com>
Thanks a lot for the patch!
The commit title should have mentioned that's it's a security bump. The
commit log should also be more affirmative: "should address" is not
good enough. Does it address, or doesn't it?
Both CVEs are fixed in OpenCV 4.7.0, so bumping from 4.6.0 to 4.8.1
indeed brings the fixes for those CVEs.
I adjusted the commit title and commit log and pushed to master. Thanks
for your contribution!
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
More information about the buildroot
mailing list