[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for hdf5 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 10 20:40:03 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d78d68cd by Salvatore Bonaccorso at 2024-05-10T21:38:30+02:00
Add Debian bug reference for hdf5 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -242,27 +242,27 @@ CVE-2024-34200 (TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to cont
 CVE-2024-34074 (Frappe is a full-stack web application framework. Prior to 15.26.0 and ...)
 	NOT-FOR-US: Frappe Framework
 CVE-2024-33877 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__c ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33876 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_d ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33875 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__l ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33874 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_n ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-33873 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__s ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
@@ -293,97 +293,97 @@ CVE-2024-32655 (Npgsql is the .NET data provider for PostgreSQL. In 8.0.2 and ea
 	NOTE: https://github.com/npgsql/npgsql/security/advisories/GHSA-x9vc-6hfv-hg8c
 	NOTE: https://github.com/npgsql/npgsql/commit/f7e7ead0702d776a8f551f5786c4cac2d65c4bc6
 CVE-2024-32624 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32623 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32622 (HDF5 Library through 1.14.3 contains a out-of-bounds read operation in ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32621 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32620 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32619 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32618 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32617 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read cau ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32616 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32615 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32614 (HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32613 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32612 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in  ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32611 (HDF5 Library through 1.14.3 may use an uninitialized value in H5A__att ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32610 (HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, res ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32609 (HDF5 Library through 1.14.3 allows stack consumption in the function H ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32607 (HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resu ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32606 (HDF5 Library through 1.14.3 may attempt to dereference uninitialized v ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-32605 (HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_ ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
@@ -406,52 +406,52 @@ CVE-2024-2290 (The Advanced Ads plugin for WordPress is vulnerable to PHP Object
 CVE-2024-29800 (Deserialization of Untrusted Data vulnerability in Timber Team & Contr ...)
 	NOT-FOR-US: Timber
 CVE-2024-29166 (HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, r ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29165 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29164 (HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_he ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29163 (HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find,  ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29162 (HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in  ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29161 (HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_relea ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29160 (HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_hea ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29159 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoff ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29158 (HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_mallo ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
 CVE-2024-29157 (HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resu ...)
-	- hdf5 <unfixed>
+	- hdf5 <unfixed> (bug #1070861)
 	[bookworm] - hdf5 <no-dsa> (Minor issue)
 	[bullseye] - hdf5 <no-dsa> (Minor issue)
 	NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78d68cdc057004f08b781a18de2ae0195743e92

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78d68cdc057004f08b781a18de2ae0195743e92
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240510/6958627e/attachment.htm>


More information about the debian-security-tracker-commits mailing list