Control: tags -1 upstream Control: forwarded -1 https://github.com/Unidata/netcdf-c/issues/3236
On 12/25/25 7:43 AM, Salvatore Bonaccorso wrote:
The set of reports oginate from ZDI reports and it not very clear if the issues will get fixed and have not found public upstream references where they track those. So this might be a first step at all to track these properly as well for us downstream. For now the CVE entries just refernce to the published ZDI reports.
I'm fairly sure we don't have to expect anything from upstream until after the festive season. Hopefully this will get fixed before the 4.10.0 release which still has many outstanding issues. I've forwarded this issue upstream to inquire about the release in which we can expect fixes. Kind Regards, Bas -- PGP Key ID: 4096R/6750F10AE88D4AF1 Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
