On Thu, Oct 09, 2025 at 08:05:41AM +0000, Holger Levsen wrote:
> control: tags -1 + moreinfo
> thanks
>
> On Wed, Oct 08, 2025 at 09:12:32PM +0000, Moritz Mühlenhoff wrote:
> > The whole premise of assigning CVE IDs to data parsing bugs in HDF seems
> > flawed
> > to begin with. If you use untrusted scientific data, some random parsing
> > bugs
> > are the least of your worries.
>
> so
>
> hdf5 limited Not covered by security support, only suitable for trusted
> content, see -1
>
> for all suites?
Not sure what the ", see -1" refers to, but the rest looks good to me. But this
should also be complemented with a README.Debian entry in the package itself,
not
everyone looks at debian-security-support.
Cheers,
Moritz
