[Git][security-tracker-team/security-tracker][master] Add two hdf5 issues

Fri Aug 24 08:45:07 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
07429f0b by Salvatore Bonaccorso at 2018-08-24T07:43:38Z
Add two hdf5 issues

As for other similar reportings it is right now not clear if it has been
properly submitted to upstream and upstream is aware of the findings.
For now just mark it as undetermined, even if likely unstable version is
affected at least.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -279,9 +279,11 @@ CVE-2018-15674
 CVE-2018-15673
 	RESERVED
 CVE-2018-15672 (An issue was discovered in the HDF HDF5 1.10.2 library. A SIGFPE is ...)
-	TODO: check
+	- hdf5 <undetermined>
+	NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5#divided-by-zero---divbyzero__h5d_chunk_poc
 CVE-2018-15671 (An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack ...)
-	TODO: check
+	- hdf5 <undetermined>
+	NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5#stack-overflow---stackoverflow_h5p__get_cb
 CVE-2018-15670 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary ...)
 	NOT-FOR-US: Bloop Airmail
 CVE-2018-15669 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/07429f0b8f921afb2e2ac9b9647059bb8116726b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/07429f0b8f921afb2e2ac9b9647059bb8116726b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180824/44064d03/attachment.html>
