[Git][security-tracker-team/security-tracker][master] Process some new allocations for hdf5 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a0bc42d by Salvatore Bonaccorso at 2025-03-28T21:52:15+01:00
Process some new allocations for hdf5 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -114,13 +114,17 @@ CVE-2025-30211 (Erlang/OTP is a set of libraries for the Erlang programming lang
 	NOTE: https://github.com/erlang/otp/commit/d64d9fb0688092356a336e38a8717499113312a0 (OTP-25.3.2.19, OTP-26.2.5.10, OTP-27.3.1)
 	NOTE: https://github.com/erlang/otp/commit/5ee26eb412a76ba1c6afdf4524b62939a48d1bce (OTP-25.3.2.19, OTP-26.2.5.10, OTP-27.3.1)
 CVE-2025-2926 (A vulnerability was found in HDF5 up to 1.14.6 and classified as probl ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5384
 CVE-2025-2925 (A vulnerability has been found in HDF5 up to 1.14.6 and classified as  ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5383
 CVE-2025-2924 (A vulnerability, which was classified as problematic, was found in HDF ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5382
 CVE-2025-2923 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5381
 CVE-2025-2922 (A vulnerability classified as problematic was found in Netis WF-2404 1 ...)
 	NOT-FOR-US: Netis
 CVE-2025-2921 (A vulnerability classified as critical has been found in Netis WF-2404 ...)
@@ -134,13 +138,17 @@ CVE-2025-2917 (A vulnerability, which was classified as problematic, was found i
 CVE-2025-2916 (A vulnerability, which was classified as critical, has been found in A ...)
 	NOT-FOR-US: Aishida Call Center System
 CVE-2025-2915 (A vulnerability classified as problematic was found in HDF5 up to 1.14 ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5380
 CVE-2025-2914 (A vulnerability classified as problematic has been found in HDF5 up to ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5379
 CVE-2025-2913 (A vulnerability was found in HDF5 up to 1.14.6. It has been rated as p ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5376
 CVE-2025-2912 (A vulnerability was found in HDF5 up to 1.14.6. It has been declared a ...)
-	TODO: check
+	- hdf5 <unfixed>
+	NOTE: https://github.com/HDFGroup/hdf5/issues/5370
 CVE-2025-2911 (Unauthorised access to the call forwarding service system in MeetMe pr ...)
 	NOT-FOR-US: MeetMe
 CVE-2025-2910 (User enumeration in the password reset module of the MeetMe authentica ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a0bc42d1ee733591c1f07b9e8bc60a373df7057

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a0bc42d1ee733591c1f07b9e8bc60a373df7057
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250328/50e3c2c2/attachment.htm>