Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a11d36df by Neil Williams at 2022-01-28T10:24:10+00:00
Add 7 CVEs for HDF5
The issues are filed against a version not yet in Debian but the
vulnerabilities relate to test support for code which is in all
versions already uploaded. Issues remain open upstream.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4204,11 +4204,14 @@ CVE-2021-46246
CVE-2021-46245
RESERVED
CVE-2021-46244 (A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis
the functi ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1327
CVE-2021-46243 (An untrusted pointer dereference vulnerability exists in HDF5
v1.13.1- ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1326
CVE-2021-46242 (HDF5 v1.13.1-1 was discovered to contain a heap-use-after free
via the ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1329
CVE-2021-46241
RESERVED
CVE-2021-46240 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0
via the ...)
@@ -7079,17 +7082,21 @@ CVE-2021-45835
CVE-2021-45834
RESERVED
CVE-2021-45833 (A Stack-based Buffer Overflow Vulnerability exists in HDF5
1.13.1-1 vi ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1313
CVE-2021-45832 (A Stack-based Buffer Overflow Vulnerability exists in HDF5
1.13.1-1 at ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1315
CVE-2021-45831 (A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1
in MP4Bo ...)
- - gpac <unfixed>
+ - gpac <undetermined>
NOTE: https://github.com/gpac/gpac/issues/1990
NOTE:
https://github.com/gpac/gpac/commit/4613a35362e15a6df90453bd632d083645e5a765
CVE-2021-45830 (A heap-based buffer overflow vulnerability exists in HDF5
1.13.1-1 via ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1314
CVE-2021-45829 (HDF5 1.13.1-1 is affected by: segmentation fault, which causes
a Denia ...)
- TODO: check
+ - hdf5 <undetermined>
+ NOTE: https://github.com/HDFGroup/hdf5/issues/1317
CVE-2021-45828
RESERVED
CVE-2021-45827
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11d36dfa647804c6f6c029b63a95812d55a77e4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a11d36dfa647804c6f6c029b63a95812d55a77e4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
