[Git][security-tracker-team/security-tracker][master] Add 7 CVEs for HDF5
Neil Williams (@codehelp)
codehelp at debian.org
Fri Jan 28 10:27:13 GMT 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a11d36df by Neil Williams at 2022-01-28T10:24:10+00:00
Add 7 CVEs for HDF5
The issues are filed against a version not yet in Debian but the
vulnerabilities relate to test support for code which is in all
versions already uploaded. Issues remain open upstream.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4204,11 +4204,14 @@ CVE-2021-46246
CVE-2021-46245
RESERVED
CVE-2021-46244 (A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the functi ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1327
CVE-2021-46243 (An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1- ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1326
CVE-2021-46242 (HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1329
CVE-2021-46241
RESERVED
CVE-2021-46240 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the ...)
@@ -7079,17 +7082,21 @@ CVE-2021-45835
CVE-2021-45834
RESERVED
CVE-2021-45833 (A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 vi ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1313
CVE-2021-45832 (A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1315
CVE-2021-45831 (A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Bo ...)
- - gpac <unfixed>
+ - gpac <undetermined>
NOTE: https://github.com/gpac/gpac/issues/1990
NOTE: https://github.com/gpac/gpac/commit/4613a35362e15a6df90453bd632d083645e5a765
CVE-2021-45830 (A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1314
CVE-2021-45829 (HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denia ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1317
CVE-2021-45828
RESERVED
CVE-2021-45827
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11d36dfa647804c6f6c029b63a95812d55a77e4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11d36dfa647804c6f6c029b63a95812d55a77e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220128/265db543/attachment.htm>
More information about the debian-security-tracker-commits
mailing list