[Git][security-tracker-team/security-tracker][master] Update some hdf5 related CVEs after unstable upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 11 07:10:36 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
edf6227e by Salvatore Bonaccorso at 2024-12-11T08:10:03+01:00
Update some hdf5 related CVEs after unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -58732,27 +58732,27 @@ CVE-2024-34200 (TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to cont
 CVE-2024-34074 (Frappe is a full-stack web application framework. Prior to 15.26.0 and ...)
 	NOT-FOR-US: Frappe Framework
 CVE-2024-33877 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__c ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33876 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_d ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33875 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__l ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33874 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_n ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33873 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__s ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
@@ -58783,82 +58783,82 @@ CVE-2024-32655 (Npgsql is the .NET data provider for PostgreSQL. The `WriteBind(
 	NOTE: https://github.com/npgsql/npgsql/security/advisories/GHSA-x9vc-6hfv-hg8c
 	NOTE: https://github.com/npgsql/npgsql/commit/f7e7ead0702d776a8f551f5786c4cac2d65c4bc6
 CVE-2024-32624 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32623 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32622 (HDF5 Library through 1.14.3 contains a out-of-bounds read operation in ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32621 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32620 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32619 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32618 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32617 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read cau ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32616 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32615 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32614 (HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32613 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32612 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32611 (HDF5 Library through 1.14.3 may use an uninitialized value in H5A__att ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32610 (HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, res ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32609 (HDF5 Library through 1.14.3 allows stack consumption in the function H ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
@@ -58868,17 +58868,17 @@ CVE-2024-32608 (HDF5 library through 1.14.3 has memory corruption in H5A__close
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32607 (HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resu ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32606 (HDF5 Library through 1.14.3 may attempt to dereference uninitialized v ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32605 (HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_ ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
@@ -58901,52 +58901,52 @@ CVE-2024-2290 (The Advanced Ads plugin for WordPress is vulnerable to PHP Object
 CVE-2024-29800 (Deserialization of Untrusted Data vulnerability in Timber Team & Contr ...)
 	NOT-FOR-US: Timber
 CVE-2024-29166 (HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, r ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29165 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29164 (HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_he ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29163 (HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find,  ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29162 (HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in  ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29161 (HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_relea ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29160 (HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_hea ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29159 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoff ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29158 (HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_mallo ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29157 (HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resu ...)
-	- hdf5 <unfixed> (bug #1070861)
+	- hdf5 1.14.5+repack-1 (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
@@ -236561,7 +236561,7 @@ CVE-2021-46246
 CVE-2021-46245
 	RESERVED
 CVE-2021-46244 (A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the functi ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/HDFGroup/hdf5/issues/1327
 	NOTE: https://github.com/advisories/GHSA-vrxh-5gxg-rmhm
 	NOTE: https://github.com/HDFGroup/hdf5/issues/2242
@@ -236574,7 +236574,7 @@ CVE-2021-46243 (An untrusted pointer dereference vulnerability exists in HDF5 v1
 	NOTE: https://github.com/advisories/GHSA-2rqw-mg55-mp69
 	NOTE: Negligible security impact, malicous scientific data has more issues than a crash...
 CVE-2021-46242 (HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/HDFGroup/hdf5/issues/1329
 	NOTE: https://github.com/advisories/GHSA-x9pw-hh7v-wjpf
 	NOTE: https://github.com/HDFGroup/hdf5/pull/2255
@@ -239686,7 +239686,7 @@ CVE-2021-45835 (The Online Admission System 1.0 allows an unauthenticated attack
 CVE-2021-45834 (An attacker can upload or transfer files of dangerous types to the Ope ...)
 	NOT-FOR-US: OpenDocMan
 CVE-2021-45833 (A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 vi ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/HDFGroup/hdf5/issues/1313
 	NOTE: https://github.com/advisories/GHSA-x57p-jwp6-4v79
 	NOTE: https://github.com/HDFGroup/hdf5/pull/2241
@@ -239705,7 +239705,7 @@ CVE-2021-45831 (A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in
 	NOTE: https://github.com/gpac/gpac/issues/1990
 	NOTE: https://github.com/gpac/gpac/commit/4613a35362e15a6df90453bd632d083645e5a765 (v2.0.0)
 CVE-2021-45830 (A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/HDFGroup/hdf5/issues/1314
 	NOTE: https://github.com/advisories/GHSA-5h2h-fjjr-x9m2
 	NOTE: https://github.com/HDFGroup/hdf5/issues/2228
@@ -266777,7 +266777,7 @@ CVE-2021-37503
 CVE-2021-37502 (Cross Site Scripting (XSS) vulnerability in automad 1.7.5 allows remot ...)
 	NOT-FOR-US: automad
 CVE-2021-37501 (Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1 ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: Crash in CLI tool, no security impact
 	NOTE: Fixed in 1.10.x-series in 1.10.10 https://forum.hdfgroup.org/t/release-of-hdf5-1-10-10-newsletter-192/11006
 CVE-2021-37500 (Directory traversal vulnerability in Reprise License Manager (RLM) web ...)
@@ -427996,7 +427996,7 @@ CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is
 	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10711
 	NOTE: Negligible security impact, malicous scientific data has more issues than a crash
 CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...)
-	- hdf5 <unfixed> (bug #1034838)
+	- hdf5 1.14.5+repack-1 (bug #1034838)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	[buster] - hdf5 <no-dsa> (Minor issue)
@@ -456486,7 +456486,7 @@ CVE-2018-17441 (An issue was discovered on D-Link Central WiFi Manager before v
 CVE-2018-17440 (An issue was discovered on D-Link Central WiFi Manager before v 1.03r0 ...)
 	NOT-FOR-US: D-Link
 CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims
 	NOTE: https://jira.hdfgroup.org/browse/HDFFV-10589
 	NOTE: Negligible security impact
@@ -459229,7 +459229,7 @@ CVE-2018-16440
 CVE-2018-16439
 	RESERVED
 CVE-2018-16438 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: H5L_extern_query at H5Lexternal.c:498-10___out-of-bounds-read
 	NOTE: Negligible security impact
 CVE-2018-16437 (Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable ...)
@@ -465663,14 +465663,14 @@ CVE-2018-14034 (An issue was discovered in the HDF HDF5 1.8.20 library. There is
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
 	NOTE: Negligible security impact
 CVE-2018-14033 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
-	- hdf5 1.10.8+repack-1 (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
 	NOTE: Negligible security impact
 	NOTE: Fixed in 1.10.x-series in 1.10.8 https://forum.hdfgroup.org/t/release-of-hdf5-1-10-8-newsletter-180/9108
 CVE-2018-14032
 	REJECTED
 CVE-2018-14031 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
-	- hdf5 <unfixed> (unimportant)
+	- hdf5 1.14.5+repack-1 (unimportant)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
 	NOTE: Negligible security impact
 CVE-2018-14030



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edf6227ee7edb51c2ff65ff65b24a8a6ca82ad9b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edf6227ee7edb51c2ff65ff65b24a8a6ca82ad9b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241211/0e360ab1/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list