[Git][security-tracker-team/security-tracker][master] Mark remaining hdf5 CVE as no-dsa/postponed.
Markus Koschany (@apo)
apo at debian.org
Wed Aug 9 07:24:57 BST 2023
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
70c636c5 by Markus Koschany at 2023-08-09T08:23:58+02:00
Mark remaining hdf5 CVE as no-dsa/postponed.
Wait until those issues are fixed in unstable.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -103711,16 +103711,19 @@ CVE-2022-26061 (A heap-based buffer overflow vulnerability exists in the gif2h5
- hdf5 <unfixed> (bug #1031726)
[bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
[bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ [buster] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487
CVE-2022-25972 (An out-of-bounds write vulnerability exists in the gif2h5 functionalit ...)
- hdf5 <unfixed> (bug #1031726)
[bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
[bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ [buster] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485
CVE-2022-25942 (An out-of-bounds read vulnerability exists in the gif2h5 functionality ...)
- hdf5 <unfixed> (bug #1031726)
[bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
[bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ [buster] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486
CVE-2022-0935 (Host Header injection in password Reset in GitHub repository livehelpe ...)
NOT-FOR-US: livehelperchat
@@ -308039,6 +308042,7 @@ CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is
- hdf5 <unfixed> (bug #1034838)
[bookworm] - hdf5 <no-dsa> (Minor issue)
[bullseye] - hdf5 <no-dsa> (Minor issue)
+ [buster] - hdf5 <no-dsa> (Minor issue)
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul6
NOTE: https://jira.hdfgroup.org/browse/HDFFV-10710
CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
@@ -308053,6 +308057,7 @@ CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF
- hdf5 <unfixed> (bug #1034838)
[bookworm] - hdf5 <no-dsa> (Minor issue)
[bullseye] - hdf5 <no-dsa> (Minor issue)
+ [buster] - hdf5 <no-dsa> (Minor issue)
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4
NOTE: https://jira.hdfgroup.org/browse/HDFFV-10712
NOTE: HDFFV-10712 is marked to be closed in a future 1.10.8 upstream release.
@@ -353341,6 +353346,7 @@ CVE-2018-11205 (A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c i
- hdf5 <unfixed> (bug #1034807)
[bookworm] - hdf5 <no-dsa> (Minor issue)
[bullseye] - hdf5 <no-dsa> (Minor issue)
+ [buster] - hdf5 <no-dsa> (Minor issue)
NOTE: https://jira.hdfgroup.org/browse/HDFFV-10479
CVE-2018-11204 (A NULL pointer dereference was discovered in H5O__chunk_deserialize in ...)
- hdf5 1.10.4+repack-1 (low)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70c636c5a9aa86e41001ee62ec2f063b3e63fc27
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70c636c5a9aa86e41001ee62ec2f063b3e63fc27
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230809/82c3541a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list