[Git][security-tracker-team/security-tracker][master] CVE-2019-915{1,2}, -8397: add upstream tracker links

Hugo Lefeuvre hle at debian.org
Sun Mar 24 10:05:33 GMT 2019 

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
130d868a by Hugo Lefeuvre at 2019-03-24T10:03:37Z
CVE-2019-915{1,2}, -8397: add upstream tracker links

Add links to upstream bug tracker entries for hdf5 CVE-2019-9152,
CVE-2019-9151 and CVE-2019-8397 (other -2019 CVEs don't have bug
tracker entries).

Note that access to the bug tracker requires login. Annoying, but you
can create a free account quickly following

https://www.hdfgroup.org/community/community-development/

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2750,9 +2750,11 @@ CVE-2019-9153
 CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
 	- hdf5 <unfixed>
 	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8
+	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10719
 CVE-2019-9151 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
 	- hdf5 <undetermined>
 	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul7
+	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10718
 CVE-2019-9150
 	RESERVED
 CVE-2019-9149
@@ -4534,6 +4536,7 @@ CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is
 CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
 	- hdf5 <undetermined>
 	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul5
+	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10711
 CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...)
 	- hdf5 <undetermined>
 	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/130d868af8f8d04c267706b051057c88b3229427

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/130d868af8f8d04c267706b051057c88b3229427
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190324/145ecdd4/attachment.html>

More information about the debian-security-tracker-commits mailing list