[Git][security-tracker-team/security-tracker][master] add CVE-2018-17437 follow-up fix
Hugo Lefeuvre
hle at debian.org
Tue Apr 9 10:29:01 BST 2019
Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8ae96de9 by Hugo Lefeuvre at 2019-04-09T09:28:29Z
add CVE-2018-17437 follow-up fix
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34377,6 +34377,7 @@ CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtyp
NOTE: https://jira.hdfgroup.org/browse/HDFFV-10588
NOTE: fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt
NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/02d03b4624122955ee3de635699a4e3880fea377
+ NOTE: follow-up fix: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/d584b233a571fcc9854a716590fd09bd9e9320c4
CVE-2018-17436 (ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8ae96de9d3ec46f0d7424aaa08f4239bb2d639e8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8ae96de9d3ec46f0d7424aaa08f4239bb2d639e8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190409/7404d5f5/attachment.html>
More information about the debian-security-tracker-commits
mailing list