[Git][security-tracker-team/security-tracker][master] CVE-2017-1750{5,6,8,9}: add commit links

[Hugo Lefeuvre]

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0cc28c96 by Hugo Lefeuvre at 2019-04-18T17:39:21Z
CVE-2017-1750{5,6,8,9}: add commit links

older, no-dsa CVEs, but might still be useful.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79649,6 +79649,7 @@ CVE-2017-17509 (In HDF5 1.10.1, there is an out of bounds write vulnerability in
 	[wheezy] - hdf5 <no-dsa> (Minor issue)
 	NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/5-hdf5-heap-overflow-H5G__ent_decode_vec
 	NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
+	NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/2636f401ba236e99adda4cc50fb89bebbe0b73fd
 CVE-2017-17508 (In HDF5 1.10.1, there is a divide-by-zero vulnerability in the functio ...)
 	- hdf5 1.10.4+repack-1 (bug #884365)
 	[stretch] - hdf5 <no-dsa> (Minor issue)
@@ -79656,6 +79657,7 @@ CVE-2017-17508 (In HDF5 1.10.1, there is a divide-by-zero vulnerability in the f
 	[wheezy] - hdf5 <no-dsa> (Minor issue)
 	NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/1-hdf5-divbyzero-H5T_set_loc
 	NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
+	NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/0a7128c0d5bd035288be7b02ca9cf9bba321aadd
 CVE-2017-17507 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ...)
 	- hdf5 <unfixed> (low; bug #915807)
 	[buster] - hdf5 <no-dsa> (Minor issue, requires ABI change)
@@ -79673,6 +79675,7 @@ CVE-2017-17506 (In HDF5 1.10.1, there is an out of bounds read vulnerability in
 	[wheezy] - hdf5 <no-dsa> (Minor issue)
 	NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/4-hdf5-outbound-read-H5Opline_pline_decode
 	NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
+	NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/b1a6873b1021c967b661727edae9de87d194f744
 CVE-2017-17505 (In HDF5 1.10.1, there is a NULL pointer dereference in the function H5 ...)
 	- hdf5 1.10.4+repack-1 (bug #884365)
 	[stretch] - hdf5 <no-dsa> (Minor issue)
@@ -79680,6 +79683,7 @@ CVE-2017-17505 (In HDF5 1.10.1, there is a NULL pointer dereference in the funct
 	[wheezy] - hdf5 <no-dsa> (Minor issue)
 	NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/2-hdf5-null-pointer-H5O_pline_decode
 	NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
+	NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7e3f95679677db07a5cc606f5edfb723ea56d04e
 CVE-2017-17504 (ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_pro ...)
 	{DSA-4204-1 DSA-4074-1 DLA-1227-1}
 	- imagemagick 8:6.9.9.34+dfsg-3 (bug #885340)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0cc28c96f156ab10f42ae97ace5313f04e29366e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0cc28c96f156ab10f42ae97ace5313f04e29366e
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190418/97e77c45/attachment.html>