* [Buildroot] [PATCH 1/1] package/opencv4: bump version to 4.8.1
@ 2023-11-07 15:44 Woodrow Douglass via buildroot
2023-11-08 22:32 ` Thomas Petazzoni via buildroot
0 siblings, 1 reply; 2+ messages in thread
From: Woodrow Douglass via buildroot @ 2023-11-07 15:44 UTC (permalink / raw)
To: buildroot; +Cc: Woodrow Douglass, Fabrice Fontaine
Also, bump package/opencv4-contrib to keep in lock-step. This should address CVE-2023-2617 and CVE-2023-2618
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
---
package/opencv4-contrib/opencv4-contrib.hash | 2 +-
package/opencv4-contrib/opencv4-contrib.mk | 2 +-
package/opencv4/opencv4.hash | 2 +-
package/opencv4/opencv4.mk | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/opencv4-contrib/opencv4-contrib.hash b/package/opencv4-contrib/opencv4-contrib.hash
index 4f15162e50..954a0c2beb 100644
--- a/package/opencv4-contrib/opencv4-contrib.hash
+++ b/package/opencv4-contrib/opencv4-contrib.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 1777d5fd2b59029cf537e5fd6f8aa68d707075822f90bde683fcde086f85f7a7 opencv4-contrib-4.6.0.tar.gz
+sha256 0c082a0b29b3118f2a0a1856b403bb098643af7b994a0080f402a12159a99c6e opencv4-contrib-4.8.1.tar.gz
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 LICENSE
diff --git a/package/opencv4-contrib/opencv4-contrib.mk b/package/opencv4-contrib/opencv4-contrib.mk
index 81c45c6e02..52d2682b26 100644
--- a/package/opencv4-contrib/opencv4-contrib.mk
+++ b/package/opencv4-contrib/opencv4-contrib.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENCV4_CONTRIB_VERSION = 4.6.0
+OPENCV4_CONTRIB_VERSION = 4.8.1
OPENCV4_CONTRIB_SITE = $(call github,opencv,opencv_contrib,$(OPENCV4_CONTRIB_VERSION))
OPENCV4_CONTRIB_INSTALL_TARGET = FALSE
OPENCV4_CONTRIB_LICENSE = Apache-2.0
diff --git a/package/opencv4/opencv4.hash b/package/opencv4/opencv4.hash
index 419b420917..2736752633 100644
--- a/package/opencv4/opencv4.hash
+++ b/package/opencv4/opencv4.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 1ec1cba65f9f20fe5a41fda1586e01c70ea0c9a6d7b67c9e13edf0cfe2239277 opencv4-4.6.0.tar.gz
+sha256 62f650467a60a38794d681ae7e66e3e8cfba38f445e0bf87867e2f2cdc8be9d5 opencv4-4.8.1.tar.gz
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 LICENSE
diff --git a/package/opencv4/opencv4.mk b/package/opencv4/opencv4.mk
index 2a05de42fb..74cec511a9 100644
--- a/package/opencv4/opencv4.mk
+++ b/package/opencv4/opencv4.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENCV4_VERSION = 4.6.0
+OPENCV4_VERSION = 4.8.1
OPENCV4_SITE = $(call github,opencv,opencv,$(OPENCV4_VERSION))
OPENCV4_INSTALL_STAGING = YES
OPENCV4_LICENSE = Apache-2.0
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/opencv4: bump version to 4.8.1
2023-11-07 15:44 [Buildroot] [PATCH 1/1] package/opencv4: bump version to 4.8.1 Woodrow Douglass via buildroot
@ 2023-11-08 22:32 ` Thomas Petazzoni via buildroot
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-11-08 22:32 UTC (permalink / raw)
To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass, Fabrice Fontaine
Hello Woodrow,
On Tue, 7 Nov 2023 10:44:24 -0500
Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
> Also, bump package/opencv4-contrib to keep in lock-step. This should address CVE-2023-2617 and CVE-2023-2618
>
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Thanks a lot for the patch!
The commit title should have mentioned that's it's a security bump. The
commit log should also be more affirmative: "should address" is not
good enough. Does it address, or doesn't it?
Both CVEs are fixed in OpenCV 4.7.0, so bumping from 4.6.0 to 4.8.1
indeed brings the fixes for those CVEs.
I adjusted the commit title and commit log and pushed to master. Thanks
for your contribution!
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-11-08 22:33 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-07 15:44 [Buildroot] [PATCH 1/1] package/opencv4: bump version to 4.8.1 Woodrow Douglass via buildroot
2023-11-08 22:32 ` Thomas Petazzoni via buildroot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox